Meet Richard Panman: Values Champion

By Savanna Hajdasz on January 12, 2023 News

11 minute read time

Meet Richard Panman, Sonatype Customer Outcomes Manager, and a peer-nominated Values Champion.
Read More...

PyTorch Namespace (Dependency) Confusion Attack

By Ilkka Turunen on January 04, 2023 News

4 minute read time

During the 2022 holiday season, a dependency confusion attack targeted PyTorch. Here's what users of PyTorch-NightlyBuild need to know.
Read More...

Congratulations to the Sonatype 2022 Elevate Awards Winners

By Sonatype on December 08, 2022 News

3 minute read time

Commerzbank AG, ABN Amro Bank NV, and Instinet are among the winners of the 2022 Sonatype Elevate Awards.
Read More...

14 All Day DevOps (ADDO) Sessions You Won’t Want to Miss

By Sonatype on November 01, 2022 News

2 minute read time

ADDO returns on November 10, 2022. There are 180 speakers covering six different tracks, but these 14 sessions are ones you won't want to miss.
Read More...

What the OpenSSL Vulnerabilities Are…and Aren't (CVE-2022-3786 & CVE-2022-3602)

By Eddie Knight on November 01, 2022 Known Vulnerabilities

4 minute read time

It’s been a week since we were warned about the OpenSSL vulnerability. We're here to help you understand what this vulnerability is and what it is not.
Read More...

A New OpenSSL Vulnerability Is Coming - Get Ready to Patch

By Ilkka Turunen on October 26, 2022 News

3 minute read time

On Tuesday 1st of November, between 1-5pm UTC a new version of the widely adopted OpenSSL 3.x series will be released for general consumption.
Read More...

Weaponizing Open Source Through Job Recruiting

By Ilkka Turunen on October 03, 2022 News

7 minute read time

There have been troubling new reports of threat actors weaponizing open source to target employee machines at technology companies, governments, and more.
Read More...

Exploit for recently patched Java flaw added to CrimeBoss exploit kit

By VAO on April 25, 2013 News

10 second read time

Exploit for recently patched Java flaw added to CrimeBoss exploit kit
Read More...

Underground software suffers from copy and paste

By VAO on April 02, 2013 News

16 second read time

Underground software suffers from copy and paste
Read More...