Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

3 steps to deal with the aftermath of the highjacked eslint-scope package

By Ilkka Turunen on July 13, 2018 npm

Yesterday at noon BST a new github issue was opened in the popular eslint repository on github. Someone had highjacked this package and published a version


Remote code execution vulnerability (CVE-2017-8046) in Pivotal's Spring Framework

By Derek Weeks on March 05, 2018 Apache Struts2

A remote code execution vulnerability (CVE-2017-8046) in Pivotal's very popular Spring Framework was disclosed last week by the team at lgtm, although the