Juan Aguirre

Juan is a security researcher at Sonatype and part of the team who has helped Sonatype catalog more than 100 million open source components.

Intro to malware analysis: Analyzing Python malware

By Juan Aguirre on January 19, 2023 python

11 minute read time

Understanding malware analysis and the process of researching security vulnerabilities is the first step toward implementing best practices.

New year, new CVE: A deep dive into the 'node-forge' (CVE-2022-0122)

By Juan Aguirre on January 25, 2022 vulnerabilities

5 minute read time

There's no better way to kick off the new year than with an analysis of an open source vulnerability affecting the popular node-forge component on npm.

Tracking the 'Noblox.js' npm malware campaign

By Juan Aguirre on November 23, 2021 vulnerabilities

4 minute read time

Another malicious npm package, noblox.js-rpc, was spotted on the registry; it leverages familiar techniques to steal all sorts of sensitive data.

npm hijackers at it again: Popular 'coa' and 'rc' open source libraries taken over to spread malware

By Juan Aguirre on November 05, 2021 vulnerabilities

6 minute read time

The npm coa and rc packages were hijacked via an account takeover, again highlighting the need to protect your open source software supply chains.

Fake npm Roblox API package installs ransomware and has a spooky surprise

By Juan Aguirre on October 27, 2021 vulnerabilities

11 minute read time

A fake npm Roblox API package discovered by Sonatype reveals the first known ransomware maliciously placed in a typosquatted open source package.

From feature to vulnerability: A Spring-Security-oauth2-Client story

By Juan Aguirre on August 27, 2021 vulnerabilities

5 minute read time

A deeper dive into a Spring vulnerability, showing how a lack of control over resources can lead to a DoS (Denial of Service).

Deep diving into CVE-2021-22114 spring-integration-zip path traversal

By Juan Aguirre on March 31, 2021 vulnerabilities

3 minute read time

We take a deep dive into CVE-2021-22114, which is causing problems for the second time.