Being the 'B' in LGBTQIA+

By John Kruger on September 16, 2022 News and Views

2 minute read time

September 16-23rd is Bisexual Awareness Week (#BiWeek) and Sonatype's Senior Technical Support Engineer, John Kruger, talks about what it's like to be bi.

Pursue Growth With a Software Engineering Internship at Sonatype

By Audra Davis-Hurst on September 14, 2022 News and Views

3 minute read time

Sonatype's software engineering internship program was created for passionate learners to experience the complexity of modern software development.

Rule Over Your Dependencies and Scan at Your Own Open Source Risk

By Aaron Linskens on September 13, 2022 vulnerabilities

5 minute read time

A good way to make sure that your organization's vulnerabilities don't go unnoticed is conducting regular scans of open source used in your environments.

This Week in Malware—Ongoing Dependency Confusion

By Ax Sharma on September 09, 2022 vulnerabilities

4 minute read time

This week in malware, Sonatype's automated malware detection systems have spotted over four dozen dependency confusion candidates.

Living Six Months of Core Values

By Savanna Hajdasz on September 08, 2022 Sonatype culture/awards

5 minute read time

Sonatype launched our core values at the beginning of 2022 and has spent the first half focusing on living them every day.

On the Road Again: Here Comes September

By Steve Poole on September 06, 2022 Events and Webinars

4 minute read time

Sonatype DevRel folk will be speaking, presenting, and there to help at open source conferences, Java conferences, and more throughout September 2022.

This Week in Malware - A PyPI Phishing Follow-up Plus 120 Packages

By Aaron Linskens on September 02, 2022 vulnerabilities

4 minute read time

This week Sonatype discovered and analyzed 120 packages flagged as malicious, suspicious, or dependency confusion attacks.

Why Developers are Becoming the Weakest Link in Supply Chain Attacks

5 minute read time

As cyber-attacks continue to grow, threat actors have shifted their focus from endpoints and end users to the software supply chain.

This Week in Malware - 450 Packages and a Phishing Campaign Against PyPI Maintainers

By Aaron Linskens on August 26, 2022 vulnerabilities

6 minute read time

This week Sonatype discovered and analyzed 450 packages flagged as malicious, suspicious, or dependency confusion attacks.