Featured Article

More Than 200 Cryptomining Packages Flood npm and PyPI Registry

By Ax Sharma on August 19, 2022 vulnerabilities

More than 200 malicious packages have flooded npm and PyPI registries to install cryptominers on Linux hosts.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time

How a Software Bill of Materials Uncovers Known Vulnerabilities
Read More...
READ MORE

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

4 minute read time

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

5 minute read time

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

Code, Cars, and Congress: A Time for Cyber Supply Chain Management (1 of 3)

5 minute read time

Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

42,000 Nexus Repository Managers, and Growing!

6 minute read time

42,000 Nexus Repository Managers, and Growing!
Read More...
READ MORE

How Big is a Billion? Open Source Growth Skyrockets

2 minute read time

How Big is a Billion? Open Source Growth Skyrockets
Read More...
phone
READ MORE

Nigel’s Wake-up Call: Scaling Open Source Governance

3 minute read time

Nigel’s Wake-up Call: Scaling Open Source Governance
Read More...
READ MORE

Bash 2014 - This Is Not a Party

2 minute read time

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and

Read More...
READ MORE

What Happened Sept 16th?

2 minute read time

We led an invasion last week armed with a flying drone, glowing lightsabers, and the latest knowledge on open source security vulnerabilities. Our mission? Lead, share, educate, moderate, and have

Read More...
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Modern Slavery Statement    Event Terms and Conditions   Do Not Sell My Personal Information