The sheer volume of malicious repositories suggests a shift toward supply-chain attacks where compromised dependencies are pushed to public indexes rather than direct distribution. This highlights the critical need for automated dependency scanning and strict vetting of third-party libraries before they are integrated into production environments.