Rule Over Your Dependencies and Scan at Your Own Open Source Risk

By Aaron Linskens on September 13, 2022 vulnerabilities

5 minute read time

A good way to make sure that your organization's vulnerabilities don't go unnoticed is conducting regular scans of open source used in your environments.
Read More...

Why Are Dependency Confusion Attacks Not Going Away?

By Ax Sharma on February 09, 2022 dependencies

4 minute read time

Sonatype has caught more than 63,000 suspicious packages, the majority of which are dependency confusion candidates. Why are these attacks not going away?
Read More...

PyPi 'Cheese Shop' Malware Illustrates Software Supply Chain Risk Vector

By Katie McCaskey on July 22, 2019 dependency injection

3 minute read time

Malicious actors circumvented the PyPI package repo manager, a classic case demonstrating why understanding open source code dependencies is critical.
Read More...

How not to download the Internet

By Tim OBrien on April 19, 2011 Nexus Repo Reel

3 minute read time

How not to download the Internet
Read More...

Adding Dependencies Using m2eclipse

By Heather Loney on March 10, 2010 repository

1 minute read time

Adding Dependencies Using m2eclipse
Read More...