Cyber-attacks on open source software supply chain projects have increased by a whopping 430%, according to a new report from Sonatype. The report said that 929 next-generation software supply chain attacks were recorded from July 2019 through May 2020. On response time, the report said 47% of organizations became aware of new open source vulnerabilities after a week. At the same time, a little over half of them took more than a week to remediate those vulnerabilities. According to the report, not all companies prioritize improved risk management practices at the expense of developer productivity.
Source: ZDNet