Open Source Malware with Brian Fox


Episode Artwork
1.0x
0% played 00:00 00:00
Mar 09 2025 30 mins   114 1 0

Brian Fox discusses findings from a recent Sonatype report about the growing challenge of malicious packages in open source repositories. At the time of recording there are now over 820,000 malware packages in public repositories. Brian explains why certain ecosystems are more vulnerable than others and how behavioral detection methods can identify suspicious packages, and the challenge in solving this problem.

The blog post for this episode can be found at
https://opensourcesecurity.io/2025/2025-03-oss_malware_brian_fox/