
Sonatype Blog

Steps to Responsible Disclosure with Bas van Schaik, Man Yue Mo and Brian Fox

By Mark Miller on March 20, 2018 Open Source
In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.

Struts2 Vulnerability Cracks Equifax

By Derek Weeks on September 09, 2017 Software Supply Chain
Equifax breach of 143 million consumer records linked to Struts2 open source vulnerability.

What you should know about the latest Struts2 Vulnerability (video and podcast)

By Mark Miller on September 08, 2017 OSS governance
What you should know about the recent Struts 2 vulnerability announcements from September 2018.

A Struts2 Vulnerability Hurricane: Deserialization

By Derek Weeks on September 06, 2017 Struts
Attackers are widely exploiting a new vulnerability in Apache Struts2 that allows them to remotely execute malicious code on web servers.