Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Manage Open Source Risk With Improved Malware Detection

5 minute read time

Malware targeting developers remains a major concern. Learn what your organization can do to keep cybersecurity risks out of your development pipeline.
Read More...
READ MORE

[New Live Series] Dev Chat with Dan Conn: Beware of Malware

By Sonatype on March 20, 2023 News and Views

1 minute read time

Introducing our new monthly live stream series: Dev Chat with Dan Conn. Tune for snack-sized episodes covering the latest issues DevOps professionals face.
Read More...
READ MORE

Top 8 Malicious Attacks Recently Found On PyPI

13 minute read time

Eight malicious attacks on PyPI recently caught our Security Research Team's eye. Get the details about the actions and motivations of the attackers.
Read More...
READ MORE

Malware Monthly - February 2023

8 minute read time

The February 2023 edition of Malware Monthly shares insights into copycat information stealers, malware linked to video game mods, and more.
Read More...
READ MORE

Malware Monthly - January 2023

11 minute read time

January 2023's Malware Monthly covers malware that rejects virtual machines, Linux crypto miners, evasive variants of RAT mutants, and more.
Read More...
READ MORE

Malware Monthly - December 2022

10 minute read time

Sonatype's Malware Monthly brings you the latest information on malicious and suspicious packages discovered in software registries.
Read More...
READ MORE

Malware Monthly - November 2022

12 minute read time

Sonatype's Malware Monthly brings you the latest information on malicious and suspicious packages discovered in software registries.
Read More...
READ MORE

This Week in Malware - Over 70 Packages Discovered

By Aaron Linskens on October 28, 2022 vulnerabilities

2 minute read time

This week, we discovered and analyzed six dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
Warning message on a screen, hands thrown up in frustration
READ MORE

This Week in Malware - Nearly 40 Packages Discovered

By Aaron Linskens on October 21, 2022 vulnerabilities

2 minute read time

This week in malware, we discovered and analyzed nearly 40 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...