Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

python-dateutils — A cryptominer in disguise targeting Windows, Linux, macOS

By Ax Sharma on June 29, 2022 vulnerabilities

5 minute read time

We analyze a suspicious 'python-dateutils' PyPI package targeting Python developers to mine cryptocurrency after infecting their Windows, macOS or Linux.

Read More...

Crypto-Mining Crime Rings: The Newest Reason Why Software Supply Chain Hygiene Matters

By Matt Howard on March 07, 2018 open source risk management

3 minute read time

There are many reasons why organizations should protect their software supply chains. Crypto-mining crime rings are just the latest.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

python-dateutils — A cryptominer in disguise targeting Windows, Linux, macOS

Crypto-Mining Crime Rings: The Newest Reason Why Software Supply Chain Hygiene Matters

Secure your software supply chain

Subscribe for all the latest software security news and events