Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
Screen Shot of Gartner Application Security Testing Report
READ MORE

Sonatype named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

By Tara Flynn Condon on May 23, 2023 AppSec

4 minute read time

Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).
Read More...
READ MORE

Can the open source community save Europe from the Cyber Resilience Act?

By Jeff Wayman on April 27, 2023 thought leaders

7 minute read time

Examine the open source community's response to the EU Cyber Resilience Act, and its potential consequences for the future of innovation & collaboration.
Read More...
READ MORE

Explore a refreshed Sonatype Platform: New features, new product names

By Sonatype on April 25, 2023 featured

4 minute read time

Sonatype has new capabilities, improved security, and brand new product names. Learn more about the revamped Sonatype Platform.
Read More...
Claw grabber picking up a bad component
READ MORE

Protecting software developers from malware with AI/ML insights

By Mandeep Singh on April 20, 2023 featured

5 minute read time

Developer-targeted malware is a complex and difficult problem. A look at what tools and information are needed to reduce risk in your development pipeline.
Read More...
READ MORE

Another SolarWinds? The latest software supply chain attack on 3CX

By Luke Mcbride on April 06, 2023 Software Supply Chain

6 minute read time

Get insights on the recent 3CX software supply chain attack and the growing importance of effective dependency management to protect against cyberattacks.
Read More...
Hands holding puzzle pieces
READ MORE

Cyber-readiness and changing federal government SBOM requirements

By Cate Richards on March 27, 2023 News and Views

6 minute read time

Upcoming regulatory changes are coming to go from software transparency to better address cyber-readiness at the Federal level and beyond.
Read More...
READ MORE

[New live series] Dev Chat with Dan Conn: Beware of malware

By Sonatype on March 20, 2023 News and Views

1 minute read time

Introducing our new monthly live stream series: Dev Chat with Dan Conn. Tune for snack-sized episodes covering the latest issues DevOps professionals face.
Read More...
READ MORE

White House National Cybersecurity Strategy: Landmark action for a critical threat

By Brian Fox on March 02, 2023 Cybersecurity

5 minute read time

The Biden administration announced a new, historic National Cybersecurity Strategy calling for cybersecurity liability and increased investment.
Read More...
READ MORE

New on Sonatype Learn: Easy Source Control Management (SCM) Onboarding

By Cerah Hedrick (they/them) on February 28, 2023 elearning

2 minute read time

Sonatype's latest eLearning course, Easy Source Control Management (SCM) Onboarding, teaches you how to import your SCM repositories into Nexus Lifecycle.
Read More...