Security News
Sarah Gooding
October 30, 2024
We’re seeing a significant shift in the global programming landscape in 2024, as Python has surpassed JavaScript as the most popular language on GitHub. This milestone marks the end of JavaScript's decade-long reign at the top and correlates with a surge in data science, AI, and machine learning projects on the platform. These are some of the most significant insights from the 2024 GitHub Octoverse report.
Usage of Jupyter Notebooks, an open source application commonly used by data scientists and machine learning researchers, has shot up by 92% since last year, further emphasizing the increasing presence of data scientists and researchers on GitHub:
Since 2018, we have seen the use of Jupyter Notebooks steadily grow—and that growth surged in 2022 as research and experimentation with generative AI and machine learning took off. Since 2022, Jupyter Notebooks usage on GitHub has spiked more than 170%. And since last year, usage has increased by 92%.
GitHub calculates the most used languages based on the totality of activity across commits, issues, PRs, comments on issues and PRs, discussions, pushed code, and reviewed pull requests, among other things. This year saw decreases in Java, PHP, and C usage among popular languages. Python, TypeScript, and Go were the fastest growing languages in 2024.
While Python now leads in overall activity, JavaScript still maintains its dominance in code pushes. It remains a formidable presence, thanks in no small part to the extensive ecosystem facilitated by npm. The npm registry has experienced a 15% year-over-year increase in package consumption, now boasting over two million packages available for developers, with the top 50 npm packages showing net positive growth.
The JavaScript ecosystem continues to evolve, with TypeScript gaining traction and cutting into JavaScript's market share. An important distinction here that may not be clear is that TypeScript grew exponentially from 2014-2019, overtaking Java, and this report measures its popularity separately from JavaScript. The report notes that Python is increasing in contributor counts for both code push activity alone and other activity faster than JavaScript, but it isn’t increasing in those faster than JavaScript and TypeScript combined.
Open source contributions have seen unprecedented growth, with developers from across the globe joining GitHub in record numbers. Many of these new contributors are engaging with open source projects for the first time, expanding the community beyond traditional software development. Python as a top programming language likely plays a part in this trend, as last year’s Python Developers Survey showed that approximately 1 in 4 Python developers are brand new to the language.
GitHub is tracking nearly 1 billion contributions to public open source repositories this year alongside a trend of increased contributions coming from outside North America and Europe. The Octoverse report highlights the importance of open source in “bridging early experimentation and widespread adoption.”
GitHub logged 5.2 billion contributions to more than 518 million open source, public, and private projects, but the bulk of those were made to private repos (more than 82%): “Developers made 4.3 billion contributions across more than 181 million private repositories in 2024.”
Alongside contribution, securing open source components is a priority. GitHub noted that the notion of “secure by design” is gaining traction, with 82% of respondents considering it important when using an open source project, and 65% prioritizing it when contributing.
Other security highlights from the report indicate that AI and automation are increasingly playing a strong role in how developers secure their code:
39M+ Secret Leaks Detected: GitHub developers utilized secret scanning to identify over 39 million secret leaks in 2024.
Enhanced Incident Response: Adoption of generative AI security tools, automated alerts, and proactive measures enabled quicker responses to security incidents.
Top Vulnerabilities Identified:
AI-Driven Code Security: Increased use of AI for code reviews and vulnerability remediation helps mitigate the global shortage of security professionals.
OpenSSF Scorecard Adoption:
These developments suggest that the future of software development will be increasingly driven by data science and AI, which necessitates more robust security automation. This is especially critical as the global expansion of open source contributions introduces more potential vulnerabilities and diverse security challenges.
Read the full 2024 GitHub Octoverse report for a detailed breakdown of these insights and more user and product data.