npm, PyPI, and Crates.io Cannot Afford Basic Security as Malware Costs Devour Thin Budgets, Alpha-Omega Audit Reveals
An audit of the world's largest open source package registries finds they spend 12 percent of their budgets fighting malware and just 2 percent on new features, with no path to sustainable security funding.
Overview
The package registries that underpin virtually every modern software project — npm, PyPI, Crates.io, RubyGems, and Maven Central — lack the funding to implement basic security protections against malware, according to findings presented at FOSDEM 2026 by Alpha-Omega co-founder Michael Winser. The audit paints a picture of critical infrastructure sustained by donations and volunteer labor, even as supply chain attacks grow more frequent and more destructive.
What We Know
Winser, whose Linux Foundation-backed project has spent the past year auditing the finances and operations of the world’s largest open source registries, delivered a blunt assessment at the Brussels conference on January 31: “We’re living on borrowed time.”
Alpha-Omega’s audit found that operating a major registry the size of Crates.io — which serves roughly 125 billion downloads per year — costs between $5 million and $8 million annually, according to The Register. Most of that money goes to keeping the lights on: bandwidth accounts for 25 percent of total expenses, followed by storage at 18 percent, compute at 15 percent, and malware detection at 12 percent. Just 2 percent is left for new feature development.
These registries operate on razor-thin margins, relying on non-continuous grants, donations, and in-kind corporate contributions. PyPI, the Python Package Index, would face a monthly bandwidth bill of approximately $1.8 million without Fastly’s in-kind sponsorship, which covers the cost of delivering its 700,000-plus packages at a sustained rate of 189 Gbps, as reported by The Register.
“The problem is they don’t have enough money to spend on the very security features that we all desperately need,” Winser said. He noted that Alpha-Omega itself underwrites a “distressingly” large share of registry security work, and warned that if the project were to miss a funding round, “a lot of registries would be screwed.”
The Threat Is Not Theoretical
The consequences of underfunded registry security became visible in September 2025, when a self-propagating worm dubbed Shai-Hulud compromised more than 500 npm packages. The attack began with credential-harvesting phishing campaigns targeting maintainers and spread automatically by injecting malicious code into every package a compromised developer maintained. CISA issued a formal alert urging organizations to audit their dependency files, rotate developer credentials, and mandate phishing-resistant multi-factor authentication.
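The first CISA step above, auditing dependency files, is something a defender can script against a lockfile. The example below is added here and is not code from the article, CISA, or any registry: it walks an npm `package-lock.json` (both the lockfile v1 `dependencies` tree and the v2/v3 flat `packages` map) and reports every installed package whose name and version appear on an advisory list. The advisory list and the sample lockfile are constructed placeholders; a real audit would load the published list of compromised package versions instead.

```python
import json
from typing import Dict, List, Set, Tuple

# Constructed placeholder advisory list (package name -> affected versions).
# These names are invented for the example; substitute the published list.
COMPROMISED: Dict[str, Set[str]] = {
    "example-compromised-pkg": {"1.2.3", "1.2.4"},
    "@example-scope/another-pkg": {"0.9.1"},
}

# Constructed sample lockfile (lockfileVersion 3 layout) for a stand-alone run.
SAMPLE_LOCK_V3 = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/example-compromised-pkg": {"version": "1.2.3"},
        "node_modules/safe-lib": {"version": "2.0.0"},
        "node_modules/safe-lib/node_modules/@example-scope/another-pkg": {"version": "0.9.1"},
        "node_modules/@example-scope/another-pkg": {"version": "0.9.0"},
    },
})

# Constructed sample in the older lockfileVersion 1 nested layout.
SAMPLE_LOCK_V1 = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 1,
    "dependencies": {
        "safe-lib": {
            "version": "2.0.0",
            "dependencies": {"example-compromised-pkg": {"version": "1.2.4"}},
        },
        "@example-scope/another-pkg": {"version": "0.9.0"},
    },
})

Finding = Tuple[str, str, str]  # (install path, package name, version)


def _name_from_path(path: str) -> str:
    """Derive the package name from a v2/v3 install path.

    'node_modules/a/node_modules/@s/b' -> '@s/b' (scoped names keep their slash).
    """
    idx = path.rfind("node_modules/")
    return path[idx + len("node_modules/"):] if idx != -1 else path


def _scan_v2(lock: dict, compromised: Dict[str, Set[str]]) -> List[Finding]:
    hits: List[Finding] = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # the empty key is the root project itself
            continue
        name = meta.get("name") or _name_from_path(path)
        version = meta.get("version", "")
        if version in compromised.get(name, set()):
            hits.append((path, name, version))
    return hits


def _scan_v1(deps: dict, prefix: str, compromised: Dict[str, Set[str]],
             hits: List[Finding]) -> None:
    # v1 nests transitive dependencies under each entry's "dependencies" key.
    for name, meta in deps.items():
        path = f"{prefix}node_modules/{name}"
        version = meta.get("version", "")
        if version in compromised.get(name, set()):
            hits.append((path, name, version))
        _scan_v1(meta.get("dependencies", {}), path + "/", compromised, hits)


def audit_lockfile(lock_text: str,
                   compromised: Dict[str, Set[str]] = COMPROMISED) -> List[Finding]:
    """Return every (path, name, version) in the lockfile that is on the advisory list."""
    lock = json.loads(lock_text)
    hits: List[Finding] = []
    if "packages" in lock:
        hits = _scan_v2(lock, compromised)
    else:
        _scan_v1(lock.get("dependencies", {}), "", compromised, hits)
    return sorted(hits)


if __name__ == "__main__":
    for label, text in (("v3", SAMPLE_LOCK_V3), ("v1", SAMPLE_LOCK_V1)):
        for path, name, version in audit_lockfile(text):
            print(f"[{label}] {name}@{version} installed at {path}")
```

Matching on exact versions matters: a registry typically yanks only the injected releases, so a package name alone is not evidence of compromise, while a transitive copy buried under another dependency's `node_modules` is just as dangerous as a direct one.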
A second wave, Shai-Hulud 2.0, struck in November 2025 and affected over 25,000 GitHub repositories, compromising maintainer accounts from widely used projects including those linked to Zapier, PostHog, and Postman.
Between 2019 and January 2025, researchers detected 845,000 malicious packages across major registries — the majority on npm — with a median removal time of 39 hours, according to The Register. The problem continues to accelerate: North Korea’s Lazarus group has been planting malicious packages on both npm and PyPI through fake cryptocurrency job offers, as reported by The Hacker News.
Existing Funding Efforts
The open source security ecosystem is not without support. The OpenSSF and 37 technology companies, including Amazon, Google, and Microsoft, have committed to a $150 million open source security initiative, with $30 million in initial funding, according to Dark Reading. GitHub launched a $1.25 million Secure Open Source Fund specifically targeting security work. The U.S. National Science Foundation’s Safe-OSE program offers up to $1.5 million per award for projects addressing open source security vulnerabilities.
But these sums are modest relative to the scale of the problem. If the $5 million to $8 million per-registry cost estimate holds across the five largest registries, the combined annual bill for adequate operations and security staffing would land in the range of $25 million to $40 million — and the broader ecosystem includes dozens of smaller registries serving specialized language and platform communities.
What We Don’t Know
It remains unclear whether any major registry has come close to actual service disruption due to funding shortfalls, or whether the warnings are precautionary. The full scope of Alpha-Omega’s audit findings, including registry-specific financial breakdowns, has not been publicly released.
It is also uncertain whether corporate donors and government programs will increase funding in response to Winser’s call to action. Winser described registries as “effective monopolies” that “own the name space,” but no governance framework currently exists to mandate minimum security standards or sustainable funding models for this critical infrastructure.
Analysis
The open source registry funding gap represents a classic tragedy of the commons. Companies collectively extracting trillions of dollars in value from open source software depend on registries staffed by small teams and sustained by donation-dependent budgets. The Shai-Hulud attacks demonstrated that this model carries systemic risk: a single compromised registry can propagate malware to thousands of downstream projects within hours.
The 12 percent of registry budgets currently consumed by malware detection is likely to grow as attackers deploy increasingly sophisticated supply chain techniques. Without a structural shift in how registries are funded — whether through mandatory corporate contributions, government investment, or a new governance model — the gap between threat sophistication and defensive capacity will continue to widen.