Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

An open source maintainer's best practice: How to use SBOMs to root out project vulnerabilities

By Aaron Linskens on October 25, 2022 Open Source

6 minute read time

The second entry in Sonatype's series for Security Slam explores how your project can benefit from the use of a software bill of materials (SBOM).

Read More...

Open source best practices: Key documents to help welcome new contributors to your project

By Aaron Linskens on October 17, 2022 Open Source

5 minute read time

This series of blog posts on best practices for open source maintainers was created in partnership with CNCF for Sonatype's Security Slam event.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

An open source maintainer's best practice: How to use SBOMs to root out project vulnerabilities

Open source best practices: Key documents to help welcome new contributors to your project

Secure your software supply chain

Subscribe for all the latest software security news and events