
Next-gen software supply chain attacks up 650% in 2021



“Next-generation” software supply chain attacks have increased by 650% in the past year as bad actors proactively move upstream to wreak havoc by infiltrating open source software.

That’s according to Sonatype, a software composition analysis (SCA) platform that companies use to analyze their public and private codebases and evaluate them for security and compliance shortfalls.

Over the past year, Sonatype studied data from 100,000 production applications and 4 million component migrations made by software developers, alongside “operational supply, demand, and security” trends related to the Java, JavaScript, Python, and .NET ecosystems. This culminated in the firm’s seventh annual “State of the Software Supply Chain” report, which unearthed a range of findings.

The ...


Copyright of this story solely belongs to VentureBeat.