Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Malware Monthly - February 2023

8 minute read time

The February 2023 edition of Malware Monthly shares insights into copycat information stealers, malware linked to video game mods, and more.
Read More...
READ MORE

Malware Monthly - January 2023

11 minute read time

January 2023's Malware Monthly covers malware that rejects virtual machines, Linux crypto miners, evasive variants of RAT mutants, and more.
Read More...
READ MORE

Malware Monthly - December 2022

10 minute read time

Sonatype's Malware Monthly brings you the latest information on malicious and suspicious packages discovered in software registries.
Read More...
READ MORE

This Week in Malware - Over 70 Packages Discovered

By Aaron Linskens on October 28, 2022 vulnerabilities

2 minute read time

This week, we discovered and analyzed six dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
Warning message on a screen, hands thrown up in frustration
READ MORE

This Week in Malware - Nearly 40 Packages Discovered

By Aaron Linskens on October 21, 2022 vulnerabilities

2 minute read time

This week in malware, we discovered and analyzed nearly 40 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
READ MORE

This Week in Malware - Over 50 Packages Discovered

By Aaron Linskens on October 14, 2022 vulnerabilities

2 minute read time

This week we discovered and analyzed nearly 5 dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
READ MORE

This Week in Malware - Over 100 Packages Discovered

By Aaron Linskens on October 07, 2022 vulnerabilities

6 minute read time

This week in malware, we discovered and analyzed more than 100 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
READ MORE

This Week in Malware - 135 Packages Target npm and PyPI Registries

By Aaron Linskens on September 30, 2022 vulnerabilities

3 minute read time

This week in malware, we discovered and analyzed 135 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...
READ MORE

This Week in Malware—Ongoing Dependency Confusion

By Ax Sharma on September 09, 2022 vulnerabilities

4 minute read time

This week in malware, Sonatype's automated malware detection systems have spotted over four dozen dependency confusion candidates.
Read More...