npm, PyPI, and Crates.io Cannot Afford Basic Security as Malware Costs Devour Thin Budgets, Alpha-Omega Audit Reveals
An audit of the world's largest open source package registries finds they spend 12 percent of their budgets fighting malware and just 2 percent on new features, with no path to sustainable security funding.