ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

Last updated: January 27, 2026 11:45 pm

Attackers are Exploiting Trust, Scale, and Automation Across Open-Source and Commercial Software and Emerging AI Ecosystems

Software Supply Chain Security Report 2026


How Sophisticated Malware, AI, and Broken Trust are Reshaping Software Security


CAMBRIDGE, Mass., Jan. 27, 2026 (GLOBE NEWSWIRE) —

ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 report identifies a significant spike in threats, with cybercriminals and state-sponsored actors attacking open-source and commercial software supply chains, as well as AI development pipelines.

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of software supply chain attacks, with the emergence of the first ever registry-native worm malware, Shai-hulud, and successful compromises of some of the most widely used open source packages and hacks of prominent open source maintainers. These incidents turned routine software dependency updates into mass malware delivery events.

To achieve their goals, attackers expanded their abuse of repository and CI/CD features. That included techniques such as dependency confusion, typosquatting, and GitHub Actions manipulation. Malicious actors also carried out focused attacks on cryptocurrency and AI development pipelines, where scale and weak controls amplify the impact of security compromises.

“Software supply chains are no longer a niche target for attackers; they’ve become one of the most exploited and strategically contested attack surfaces in cybersecurity,” said Mario Vuksan, CEO of ReversingLabs. “What we’re seeing is a clear shift in how adversaries operate. They are abusing trust, scale, and automation to compromise organizations at scale. In response, the future of software supply chain security must treat the software supply chain as a living environment. This means using continuous monitoring and validation, reproducible builds, and verified trust chains that extend across both human and automated contributors.”


Open-Source Malware Explodes

2025 saw supply chain attackers shift their focus from small and obscure open-source projects with single maintainers to popular, widely used, and actively maintained open-source packages. Nowhere was that trend more evident than on npm, the world’s largest software registry and the default package manager for the Node.js runtime environment. In 2025, malicious activity on the npm repository more than doubled, accounting for nearly 90% of all the open-source malware detected. This growth can be attributed to the popularity of JavaScript among npm developers, the sheer size of the repository, and, critically, npm’s slower adoption of security controls.

These factors made it a high-value target, as evidenced by Shai-hulud, a registry-native, self-replicating worm first detected in September that combined token-stealing, the exposure of private-code repositories, and automated propagation in two distinct campaigns. According to the ReversingLabs software supply chain security report, Shai-hulud compromised more than 1,000 npm packages across two distinct campaigns, as part of a larger outbreak that exposed an estimated 25,000 GitHub repositories.

Of course, 2025 did bring some signs of progress as well. Malware detected on PyPI and NuGet declined by 43% and 60%, respectively, in the past year. These declines coincided with growing investments in security features on those platforms, such as mandatory two-factor authentication (2FA), trusted publishing, and additional security barriers for certain package managers, which are driving malicious actors and campaigns toward platforms that have fewer security controls in place.


Cryptocurrency Development Pipelines and Applications Remain a Top Target

In 2025, the cryptocurrency industry remained the focus of a large percentage of malicious supply chain campaigns, which targeted crypto wallets and applications as well as blockchain infrastructure. Noteworthy incidents include:

* Two Python libraries posing as fixes for the open-source bitcoinlib library were designed to exfiltrate sensitive database files from victims after they were downloaded.

* The malicious npm package pdf-to-office and the malicious Python campaign involving the solana-token package pretended to be utilities for developers working on applications that leverage the Solana blockchain.

* 14 malicious NuGet packages carried a payload that stole crypto-wallet credentials, crypto funds, or OAuth client IDs and client secrets.

* The colortoolsv2 and mimelib2 npm packages abused Ethereum smart contracts to conceal malicious commands that installed downloader malware on compromised systems. Smart contracts thus became a tool for delivering second-stage malware to unsuspecting victims.

Attacks on Generative AI Supply Chains Continue

Malicious actors targeted AI development pipelines using many of the same means effective in non-AI-focused attacks. Incidents of note in 2025 include exploitation of the Hugging Face repository, where attackers used a technique dubbed NullifAI to abuse an AI model file format, known as Pickle (PKL). This incident highlights an emerging trend in which attackers are shifting tactics from simply exploiting software vulnerabilities to bypassing platform security features and processes in order to disrupt the software supply chain.
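The Pickle abuse the report points to works because loading a pickle can import and call arbitrary Python objects. As an added example (not ReversingLabs’ code or any library’s own check), the following Python statically inspects a pickle-based model file before it is loaded: it lists the globals the file would import and the call opcodes it contains, and refuses anything outside an explicit allowlist. The two sample pickles are constructed in the script, and the allowlist contents are an assumption a deployment would set for its own model format.

```python
# Added example (not ReversingLabs' code): a static pre-load check for pickle-based
# model files. It walks the opcode stream with pickletools and reports any opcode
# that can import or invoke a Python callable, without ever unpickling the data.
import pickle
import pickletools

# Opcodes that resolve a module-level object by name (an "import" inside the pickle).
IMPORT_OPS = {"GLOBAL", "STACK_GLOBAL"}
# Opcodes that call a previously imported object or build an instance from it.
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"}


def scan_pickle(data: bytes) -> dict:
    """Return the globals a pickle would import and the call opcodes it contains."""
    imports, calls = [], []
    recent_strings = []  # STACK_GLOBAL takes module and name from the two prior strings
    try:
        for op, arg, _pos in pickletools.genops(data):
            if isinstance(arg, str):
                recent_strings = (recent_strings + [arg])[-2:]
            if op.name == "GLOBAL":            # arg is "module name"
                imports.append(arg.replace(" ", "."))
            elif op.name == "STACK_GLOBAL":
                imports.append(".".join(recent_strings))
            elif op.name in CALL_OPS:
                calls.append(op.name)
    except ValueError:                         # truncated or malformed stream
        return {"imports": imports, "calls": calls, "malformed": True}
    return {"imports": imports, "calls": calls, "malformed": False}


def is_loadable(data: bytes, allowed_globals=frozenset()) -> bool:
    """Policy: permit only allowlisted imports and refuse malformed files outright."""
    report = scan_pickle(data)
    if report["malformed"]:
        return False
    return all(name in allowed_globals for name in report["imports"])


class _Reducer:
    """Constructed sample: tells the unpickler to call builtins.len("abc") on load."""
    def __reduce__(self):
        return (len, ("abc",))


# Constructed samples: a plain weights-style dict vs. a pickle carrying a callable.
BENIGN_MODEL = pickle.dumps({"layer1.weight": [0.1, 0.2], "epoch": 3}, protocol=4)
SUSPICIOUS_MODEL = pickle.dumps(_Reducer(), protocol=4)

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_MODEL), ("suspicious", SUSPICIOUS_MODEL)):
        print(label, scan_pickle(blob), "loadable:", is_loadable(blob))
```

A real weights file from a framework such as PyTorch does import a handful of well-known globals, so the allowlist is where a deployment pins exactly which ones its loader may resolve.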


“Failure to detect attacks of this nature underscores a broader set of issues that are already emerging and will grow significantly more problematic as the use of AI coding tools continues to expand,” said Tomislav Peričin, Chief Software Architect and co-founder at ReversingLabs. “Over the course of this year, AI has increasingly fueled modern software development, simultaneously populating libraries and emboldening attackers. In many ways, it has become clear that AI is the supply chain itself. And while the benefits realized so far have been substantial, the security risks that accompany them are increasingly alarming. As organizations reflect on these developments and look ahead, mitigating these new risks will require embracing modern software supply chain security solutions.”

To learn more about current and emerging trends in software supply chain risk, download the fourth annual Software Supply Chain Security Report. To hear more about the report, join ReversingLabs on Feb. 11 from 11 a.m. to noon EST for Inside the 2026 Software Supply Chain Security Report | An Author’s Roundtable, a webinar reviewing key findings, consequential compromises and new attack techniques.

About ReversingLabs

ReversingLabs is the trusted name in file and software security. We provide the modern cybersecurity platform to verify and deliver safe binaries. Trusted by the Fortune 500 and leading cybersecurity vendors, RL Spectra Core powers the software supply chain and file security insights, tracking over 422 billion searchable files with the ability to deconstruct full software binaries in seconds to minutes. Only ReversingLabs provides that final exam to determine whether a single file or full software binary presents a risk to your organization and your customers.


Media Contact

Doug Fraim

Guyer Group

[email protected]


A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/fec8adc4-85ce-4b26-a991-44da46fda9ef

This news is powered by The Manila Times.