Featured Article

python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS

By Ax Sharma on June 29, 2022 vulnerabilities

We analyze a suspicious 'python-dateutils' PyPI package targeting Python developers to mine cryptocurrency after infecting their Windows, macOS or Linux systems.

Read More

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github

2 minute read time

Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.

Read More...

Activate Your Shield Against Open Source Invasions

By Katie McCaskey on August 09, 2019 open source management

3 minute read time

Mike Van Doren, Sonatype Solution Architect, identifies the infinity stones that grant superpowers in the Nexus ecosystem.

Read More...

A World of Infinite Choice in Open Source Software

By Katie McCaskey on July 11, 2019 open source management

3 minute read time

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.

Read More...

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

By Derek Weeks on June 07, 2019 vulnerabilities

2 minute read time

The latest attempt at a cryptocurrency heist demonstrates how open source software components are used throughout the cryptocurrency ecosystem.

Read More...

Build Better Component Practices: Crawl. Walk. Run.

By Sylvia Fronczak on November 06, 2018 component governance

4 minute read time

Whether you're just getting started or attempting to take the next step in improving your organization's open source processes, there are lessons you can learn. Sonatype's lead customer success

Read More...

Open Source Governance Hits the C-Suite

By Derek Weeks on April 11, 2018 open source management

2 minute read time

The Wall Street Journal’s Adam Janofsky wrote an article entitled, How Companies Can Manage Risks Tied to Open-Source Software*. Coverage of this topic sheds light on a topic for executives, that has

Read More...

42,000 Nexus Repository Managers, and Growing!

By Derek Weeks on November 19, 2014 Cyber Supply Chain Management and Transparency Act

6 minute read time

42,000 Nexus Repository Managers, and Growing!

Read More...

Part 2 - [ ________ ] is the Best Policy

By David Jones on August 13, 2014 open source survey

3 minute read time

In Part 1, ‘[ ________ ] is the Best Policy, we looked at some of the common aspects of an open source policy and discussed how our recent survey discovered that 41% of people think that policies are

Read More...

The Tipping Point: Human Speed vs. Machine Speed

By Derek Weeks on March 05, 2014 Sonatype Says

3 minute read time

What can the financial services industry learn from the U.S. Department of Homeland Security? In this third segment of my blog series on open source component security as it relates to the recently

Read More...

Software composition analysis

Container Security

CODE QUALITY ANALYSIS

Repository MANAGEMENT

Complete Platform

Book a Demo

For Professionals

For Industries

Content

CUSTOMER Portal

Integrations & Free Tools

About us

Contact Us

Sonatype Blog

python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

Activate Your Shield Against Open Source Invasions

A World of Infinite Choice in Open Source Software

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

Build Better Component Practices: Crawl. Walk. Run.

Open Source Governance Hits the C-Suite

42,000 Nexus Repository Managers, and Growing!

Part 2 - [ ________ ] is the Best Policy

The Tipping Point: Human Speed vs. Machine Speed

Products

Free Tools

Solutions

Resources

Customer Portal

Company