Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

Securing Software Supply Chains and Dependency Confusion — An Industry Perspective

By Derek Weeks on March 08, 2021 featured
We sat down with experts from The Linux Foundation, Atlantic Council and Sonatype's own CTO to discuss recent software supply chain attacks, dependency confusion and security concerns.

Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from "Dependency Confusion" Attacks

By Brent Kostak on March 04, 2021 Nexus Firewall
Sonatype’s new Dependency Confusion Policy Protection using Nexus Firewall and Nexus Repository can now automate dependency confusion protection at scale.

PyPI and npm Flooded with over 5,000 Dependency Confusion Copycats

By Ax Sharma on March 03, 2021 vulnerabilities
Both PyPI and npm are being inundated with malicious dependency confusion packages.