India, Oct. 17 -- A new set of data from the Open Source Malware Index Q3 2025 reveals a major escalation in software supply chain attacks. Security analysts at Sonatype reported detecting 34,319 new malicious open source packages in the quarter, marking a 140% increase compared to the previous quarter.

The Q3 2025 analysis confirms that cybercriminals increasingly focus on intelligence gathering and establishing long-term, covert access within enterprise networks.

The distribution of new threats highlights this shift:

The data indicates that low-severity malware detections are declining as adversaries concentrate efforts on attacks that maximise disruption and data theft.

The report clearly identifies developers as the new security p...