More than 200 malicious packages have flooded npm and PyPI registries to install cryptominers on Linux hosts.
3 minute read time
4 minute read time
I can still recall (it actually pains me to count the years, so I refuse to) with perfect clarity the sound of my 1200 baud modem handshaking with my neighborhood’s local BBS. It’s a sound that so
There are two ways to motivate others to action: emotional appeal and fact based analysis. Our 2014 Open Source and Application Security survey results touched on both. We've run this survey for the
2 minute read time
Enthusiasm for securing the software supply chain is growing in both conversation and practice. For the past year, Sonatype has called for a new approach to securing the software supply chain that
Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia
London Office -168 Shoreditch High Street, E1 6HU London
Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.