Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Remediation at Scale: Lessons from PayPal for the Equifax Security Team

By Derek Weeks on September 13, 2017 devsecops

2 minute read time

PayPal Lessons for the Equifax Security Team regarding the Struts2 related breach.

Read More...

Sonatype Statement: Struts2 and Equifax Breach

By Matt Howard on September 11, 2017 Open Source

2 minute read time

Organizations like Equifax who leverage open source are responsible for practicing hygiene in a timely manner when fixes for vulnerabilities are available.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Remediation at Scale: Lessons from PayPal for the Equifax Security Team

Sonatype Statement: Struts2 and Equifax Breach

Secure your software supply chain

Subscribe for all the latest software security news and events