Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
Wicket Good Development headline image (hands on a keyboard)
READ MORE

Wicked Good Development Episode 30: JUG, AKA the JAVA User Group

By Kadi Grigg on March 28, 2023 thought leaders

28 minute read time

Kadi Grigg sits down with Frank Greco, Sharat Chander, and Steve Poole to discuss the value, history, and future of Java User Groups (JUGs).
Read More...
READ MORE

Manage open source risk with improved malware detection

5 minute read time

Malware targeting developers remains a major concern. Learn what your organization can do to keep cybersecurity risks out of your development pipeline.
Read More...
READ MORE

[New live series] Dev Chat with Dan Conn: Beware of malware

By Sonatype on March 20, 2023 News and Views

1 minute read time

Introducing our new monthly live stream series: Dev Chat with Dan Conn. Tune for snack-sized episodes covering the latest issues DevOps professionals face.
Read More...
READ MORE

Top 8 malicious attacks recently found on PyPI

13 minute read time

Eight malicious attacks on PyPI recently caught our Security Research Team's eye. Get the details about the actions and motivations of the attackers.
Read More...
Wicket Good Development headline image (hands on a keyboard)
READ MORE

Wicked Good Development Episode 29: White House unveils National Cybersecurity Strategy

By Kadi Grigg on March 14, 2023 thought leaders

22 minute read time

Sonatype's Jeff Wayman sits down with Co-founder and CTO, Brian Fox, to discuss the details of the 2023 Biden-Harris National Cybersecurity Strategy.
Read More...
READ MORE

Malware Monthly - February 2023

8 minute read time

The February 2023 edition of Malware Monthly shares insights into copycat information stealers, malware linked to video game mods, and more.
Read More...
Wicket Good Development headline image (hands on a keyboard)
READ MORE

Wicked Good Development Episode 28: Simon Brown on visualizing software architecture

By Kadi Grigg on March 03, 2023 Community

21 minute read time

Kadi Grigg and guest co-host Sal Kimmich sit down with Simon Brown and Dan Conn to discuss Simon's C4 Software Architecture Model and more.
Read More...
READ MORE

How stolen information stealers are fueling an underground market

By Hernán Ortiz on February 27, 2023 Known Vulnerabilities

9 minute read time

A look at the tactics, techniques, and procedures used to deploy a series of information stealers being uploaded to the PyPI registry.
Read More...
READ MORE

Meet an open source developer - A.J. Brown

By Aaron Linskens on February 27, 2023 Open Source

5 minute read time

A.J. Brown, a Principal Engineer at Sonatype, discusses his journey and career in open source as part of our series for World Open Source Day 2023.
Read More...