Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern

By Hervé Boutemy on March 29, 2024 vulnerabilities

8 minute read time

CycloneDX Maven Plugin helps publish software bills of materials (SBOMs) and vulnerability disclosure reports (VDRs) and benefits open source projects

Read More...

Comparing SBOM standards: SPDX vs. CycloneDX

By Luke Mcbride on February 17, 2023 software bill of materials

7 minute read time

Do you know which format for generating a software bill of materials (SBOM) is the best option for your organization? A look at the two leading standards.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern

Comparing SBOM standards: SPDX vs. CycloneDX

Secure your software supply chain

Subscribe for all the latest software security news and events