Skip Navigation
Book a Demo
Book a Demo

Hernán Ortiz

A technical writer for the DevRel team at Sonatype. Hernán has published experimental science fiction books and his work has appeared in international literary journals. You can usually find him holding a cup of Colombian coffee, listening to the latest post-punk/noise rock bands, and reading sentences aloud.

READ MORE

How Stolen Information Stealers are Fueling an Underground Market

By Hernán Ortiz on February 27, 2023 Known Vulnerabilities

9 minute read time

A look at the tactics, techniques, and procedures used to deploy a series of information stealers being uploaded to the PyPI registry.
Read More...
READ MORE

Why Developers are Becoming the Weakest Link in Supply Chain Attacks

5 minute read time

As cyber-attacks continue to grow, threat actors have shifted their focus from endpoints and end users to the software supply chain.
Read More...
Image of bugs on a screen
READ MORE

This Week in Malware— Cryptominers Flood npm, PyPI, and More Dependency Confusion

By Hernán Ortiz on August 19, 2022 vulnerabilities

2 minute read time

This week Sonatype discovered 200+ npm and PyPI packages that are cryptominers, with additional packages comprising dependency confusion PoCs.
Read More...
Two chains linked by a shoelace creating a vulnerable system
READ MORE

This Week in Malware—Typosquats in PyPI, Dependency Confusion Packages

By Hernán Ortiz on August 04, 2022 vulnerabilities

2 minute read time

This Week in Malware we discovered 50 packages that are either malicious or dependency confusion attacks.
Read More...