The New Stack · security
Chainguard flags greyware in open-source packages
AI summary
Chainguard says its new source code scanner is detecting not only malware but also “greyware” in public registries, meaning packages that behave as advertised while also including harmful capabilities. The company says it has scanned over 100,000 packages per day and blocked more than 52,000 packages identified as malware or greyware, with examples on npm involving credential theft, token exfiltration, and persistent backdoors.