Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Sonatype's SBOM generation capabilities outpace the competition

8 minute read time

Better data, a dedicated security team, and the analytical capabilities of BOM Doctor are all part of what makes Sonatype's SBOM capabilities superior.
Read More...
READ MORE

Intro to malware analysis: Analyzing Python malware

By Juan Aguirre on January 19, 2023 python

11 minute read time

Understanding malware analysis and the process of researching security vulnerabilities is the first step toward implementing best practices.
Read More...
Image of a column building with the word bank on it
READ MORE

Log4j exploits are now being used to spread Dridex banking Trojan

By Ax Sharma on December 21, 2021 vulnerabilities

5 minute read time

Log4shell exploits are now being leveraged by threat actors to infect Windows machines with the Dridex Trojan and Linux devices with Meterpreter
Read More...
Collection of various chrome parts
READ MORE

What is a software bill of materials (SBOM)?

By Sonatype on September 27, 2021 software bill of materials

6 minute read time

A deep dive into a Software Bill of Materials with top use cases, benefits, and ways to manage.
Read More...
READ MORE

Getting Started with Sonatype Vulnerability Analysis

By Omkar Hiremath on March 26, 2020 vulnerabilities

7 minute read time

Sonatype Vulnerability Scanner is a free tool that scans your application for vulnerabilities and reports on its analysis.
Read More...