
Dependency mapping: A beginner's guide

By Aaron Linskens on October 20, 2023 vulnerabilities

8 minute read time

Explore dependency mapping, what it is, the benefits of mapping dependencies, and some tools that make the process easier.

A guide for open source software (OSS) security

6 minute read time

Evaluate open source software (OSS) security to ensure safe usage of software components in software development life cycles and software supply chains.

Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

By Ax Sharma on August 03, 2023 Open Source

3 minute read time

A malicious PyPI package ‘VMConnect’, designed to resemble the VMware vSphere Connector Module, was caught by Sonatype’s automated malware detection systems.

Cyber Resilience Act: The future of software in the European Union

6 minute read time

Discover what the EU Cyber Resilience Act entails and what the consequences might be for open source and software development overall.

A closer look: Differentiating software vulnerabilities and malware

By Aaron Linskens on July 11, 2023 vulnerabilities

7 minute read time

Vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain.

npm manifest confusion – What is it and do you really need to worry about it?

By Ax Sharma on June 28, 2023 npm

4 minute read time

npm manifest confusion – what is it and do you really need to worry about it?

PyPI attackers still at it: Malicious packages drop trojans and info-stealers

By Ax Sharma on June 22, 2023 vulnerability

3 minute read time

Sonatype's malicious open source and malware detection systems found hundreds of malicious PyPI packages.

Sonatype sponsoring Red Hat Summit on May 23-25 in Boston

By Michael Tersigni on May 04, 2023 Red Hat

3 minute read time

A look at the yearly open source event for IT professionals to learn, collaborate, and innovate, including suggestions for visitors and talks.

7 software license types explained: Open source and closed source

By Crystal Derakhshan on April 26, 2023 Open Source

7 minute read time

Navigate the complexities of software licenses with this comprehensive guide. Explore their differences, implications, & management strategies.