Skip Navigation

PyTorch namespace (dependency) confusion attack

By Ilkka Turunen on January 04, 2023 News

4 minute read time

During the 2022 holiday season, a dependency confusion attack targeted PyTorch. Here's what users of PyTorch-NightlyBuild need to know.

Sonatype spots 275+ malicious npm packages copying recent software supply chain attacks that hit 35 organizations

By Ax Sharma on February 12, 2021 vulnerabilities

7 minute read time

48 hours after a security researcher breached 35+ tech companies in a novel software supply chain attack, Sonatype’s Nexus Intelligence flagged 150+ copycat.

Why namespacing matters in public open source repositories

By Brian Fox on February 10, 2021 The Central Repository

8 minute read time

Sonatype's CTO explains why the Central Repository has always required namespacing and why all public open source repositories should too.

Namespace confusion: Minimizing risk with Sonatype Nexus Repository

By Michael Prescott on February 10, 2021 namespace

3 minute read time

Nexus Repository (NXRM) can help minimize your risk against namespace confusion with a feature called repository routing rules.