White Paper | 11 Mar 2026

Building from source blocks 98% of open source malware

Open source ecosystems like PyPI and npm are vital to modern software but are frequent targets for malicious actors. With hundreds of thousands of malware instances found annually, supply chain attacks like typosquatting and dependency confusion threaten organizations relying on these registries.

Rebuilt-from-source packages offer a strong defense. Securely building libraries from verified source code and applying verification layers significantly reduces malware exposure:

· 98% mitigation of 3,000+ malicious Python packages
· 99.7% prevention of 8,783 malicious npm packages

Learn more about securing your supply chain in the full white paper.
