Mend.io’s Open Source Risk Report reveals a 33% increase in malicious packages added to its vulnerability database during the first nine months of 2022 compared to the same period in 2021. This growth reflects the rising number of published open-source packages and accelerating vulnerabilities. Despite companies remediating thousands of vulnerabilities monthly, many struggle to close the remediation gap. Additionally, 71% of IT and security leaders report their application portfolios have become increasingly vulnerable, highlighting the urgent need for improved open-source risk management practices.

Join for free to read