Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Eight More Struts Breaches

By Derek Weeks on May 07, 2018 software bill of materials

3 minute read time

When using vulnerable versions of the framework, organizations are breached.

Read More...

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials

1 minute read time

Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.

Read More...

Doctor, Doctor, Can't You See? Congress Calls for Cybersecurity.

By Derek Weeks on November 17, 2017 software bill of materials

3 minute read time

Congressman Walden sent a letter to the U.S. Department of Health and Human Services (HHS) requesting a software bill of materials (SBOM).

Read More...

Medical Device Security: A New Look at Open Source Software

By Derek Weeks on June 04, 2017 software bill of materials

3 minute read time

An effort to keep our healthcare system and medical devices secure is being spearheaded by the Healthcare Industry Cybersecurity Task Force

Read More...

The Trump White House Takes Aim at Cybersecurity

By Derek Weeks on May 12, 2017 software bill of materials

5 minute read time

The Trump White House Takes Aim at Cybersecurity. Introduces Executive Order: STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE.

Read More...