Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Sonatype's SBOM generation capabilities outpace the competition

By Audra Davis-Hurst on March 22, 2023 secure software supply chain

8 minute read time

Better data, a dedicated security team, and the analytical capabilities of BOM Doctor are all part of what makes Sonatype's SBOM capabilities superior.

Read More...

Are unnecessary vulnerabilities polluting your software supply chain?

By Stephen Magill on February 06, 2023 secure software supply chain

7 minute read time

As malicious software supply chain attacks continue to evolve, so do the ways that bad actors exploit vulnerable libraries.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Sonatype's SBOM generation capabilities outpace the competition

Are unnecessary vulnerabilities polluting your software supply chain?

Secure your software supply chain

Subscribe for all the latest software security news and events