In 2024, the number of software packages affected by supply-chain cyberattacks dropped significantly, with only 590 packages impacted—a 98% decrease from the previous year. However, despite the decline in the number of attacks, the number of customers affected more than doubled, with nearly 297,000 customers impacted, up from about 139,000 in 2023.