Malicious npm packages surged 451% year-over-year.
Malicious npm packages surged 451% year-over-year. — This cybersecurity statistic was published by JFrog in May 2026. It covers topics including npm Package, Package Management, Malicious Package. The original data appears in 2026 Software Supply Chain Security State of the Union. For the full methodology and detailed findings, refer to the original report.
Share or Copy this stat
Frequently Asked Questions
What does this statistic say?
Malicious npm packages surged 451% year-over-year. This data was published by JFrog and covers npm Package, Package Management, Malicious Package.
Where does this data come from?
This statistic comes from 2026 Software Supply Chain Security State of the Union, published by JFrog on May 27, 2026. You can view the original report at https://jfrog.com/software-supply-chain-state-of-union/.
What cybersecurity topics does this cover?
This statistic relates to npm Package, Package Management, Malicious Package. Browse more statistics on npm Package or from JFrog.