Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Walmart Integrates Nexus, OneOps, Jenkins, Kubernetes into Distribution Center Management System

By Janie Gelfond on June 16, 2017 Nexus

28 second read time

Walmart Integrates Sonatype Nexus, OneOps, CloudBees Jenkins, Kubernetes into Distribution Center Management System.

Read More...

Gartner Goes Development-Centric

By Derek Weeks on September 11, 2014 Sonatype Says

1 minute read time

Recently, Gartner published a new research report that says by 2016, “the vast majority of mainstream IT organizations will leverage nontrivial elements of.

Read More...

Trusting Third-Party Code That Can't Be Trusted

By Derek Weeks on July 22, 2014 Component Lifecycle Management

2 minute read time

Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”.

Read More...

Lessons of Youth: A License to Use

By Jeffrey Wayman on July 11, 2014 Component Lifecycle Management

4 minute read time

I can still recall (it actually pains me to count the years, so I refuse to) with perfect clarity the sound of my 1200 baud modem handshaking with my.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Walmart Integrates Nexus, OneOps, Jenkins, Kubernetes into Distribution Center Management System

Gartner Goes Development-Centric

Trusting Third-Party Code That Can't Be Trusted

Lessons of Youth: A License to Use

Secure your software supply chain

Subscribe for all the latest software security news and events