Aaron Linskens

Aaron is a technical writer on Sonatype's Developer Relations team. He works at a crossroads of technical writing, developer advocacy, software development, and open source. He aims to get developers and non-technical collaborators to work well together via experimentation, feedback, and iteration so they can build the right software.

This Week in Malware - 135 Packages Target npm and PyPI Registries

By Aaron Linskens on September 30, 2022 vulnerabilities

3 minute read time

This week in malware, we discovered and analyzed 135 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...

This Week in Malware - Over Five Dozen More Packages Discovered

By Aaron Linskens on September 23, 2022 vulnerabilities

2 minute read time

This week in malware we discovered and analyzed over five dozen packages flagged as malicious, suspicious, or dependency confusion attacks.
Read More...

This Week in Malware - Almost 100 Packages

By Aaron Linskens on September 16, 2022 vulnerabilities

2 minute read time

This week in malware Sonatype discovered and analyzed over seven dozen packages flagged as malicious, suspicious, or dependency confusion attacks.
Read More...

Rule Over Your Dependencies and Scan at Your Own Open Source Risk

By Aaron Linskens on September 13, 2022 vulnerabilities

5 minute read time

A good way to make sure that your organization's vulnerabilities don't go unnoticed is conducting regular scans of open source used in your environments.
Read More...

This Week in Malware - A PyPI Phishing Follow-up Plus 120 Packages

By Aaron Linskens on September 02, 2022 vulnerabilities

4 minute read time

This week Sonatype discovered and analyzed 120 packages flagged as malicious, suspicious, or dependency confusion attacks.
Read More...

This Week in Malware - 450 Packages and a Phishing Campaign Against PyPI Maintainers

By Aaron Linskens on August 26, 2022 vulnerabilities

6 minute read time

This week Sonatype discovered and analyzed 450 packages flagged as malicious, suspicious, or dependency confusion attacks.
Read More...

This Week in Malware - Fileless Linux Cryptominer, 100 Packages

By Aaron Linskens on August 12, 2022 vulnerabilities

6 minute read time

This week Sonatype discovered more than 100 open source packages that were malicious, suspicious, or dependency confusion attacks.
Read More...