Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

How to integrate SBOMs into the software development life cycle

By Stephen Magill on March 20, 2024 SDLC

4 minute read time

Discover strategies for incorporating software bills of materials (SBOMs) into your software development life cycle (SDLC)

Read More...

Why Do I Need a Binary Repository Manager?

By Ember DeBoer on January 30, 2020 repository manager

6 minute read time

Binary repository managers serve a couple of important functions as part of a modern software development lifecycle. This post explore several benefits.

Read More...

Nigel’s Wake-up Call: Scaling Open Source Governance

By Derek Weeks on November 03, 2014 Cyber Supply Chain Management and Transparency Act

3 minute read time

Nigel’s Wake-up Call: Scaling Open Source Governance

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

How to integrate SBOMs into the software development life cycle

Why Do I Need a Binary Repository Manager?

Nigel’s Wake-up Call: Scaling Open Source Governance

Secure your software supply chain

Subscribe for all the latest software security news and events