
Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

By Ax Sharma on October 12, 2023 vulnerability

3 minute read time

Discover ten open source packages affected by the HTTP/2 Rapid Reset vulnerability, disclosed by Cloudflare this week

Introducing our 9th annual State of the Software Supply Chain report

By Aaron Linskens on October 03, 2023 open source security

5 minute read time

Sonatype announces the arrival of our 9th annual State of the Software Supply Chain report that explores open source security, industry trends, and more.

Unlocking the power of generative AI in software development: Insights from Sonatype's survey

By Aaron Linskens on September 12, 2023 Software Supply Chain

4 minute read time

Explore the influence of generative AI in software development via the results of Sonatype's recent survey involving 400 DevOps and 400 SecOps leaders

npm manifest confusion – What is it and do you really need to worry about it?

By Ax Sharma on June 28, 2023 npm

4 minute read time


PyPI attackers still at it: Malicious packages drop trojans and info-stealers

By Ax Sharma on June 22, 2023 vulnerability

3 minute read time

Sonatype's malicious open source and malware detection systems found hundreds of malicious PyPI packages.

Sonatype named a leader in The Forrester Wave™ for software composition analysis

By Tara Flynn Condon on June 15, 2023 Forrester

3 minute read time

The Sonatype platform named a Leader in the 2023 Forrester Wave for SCA.

Sonatype named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

By Tara Flynn Condon on May 23, 2023 AppSec

4 minute read time

Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).

Can the open source community save Europe from the Cyber Resilience Act?

By Jeff Wayman on April 27, 2023 thought leaders

7 minute read time

Examine the open source community's response to the EU Cyber Resilience Act, and its potential consequences for the future of innovation & collaboration.

Explore a refreshed Sonatype Platform: New features, new product names

By Sonatype on April 25, 2023 featured

4 minute read time

Sonatype has new capabilities, improved security, and brand new product names. Learn more about the revamped Sonatype Platform.