Multiple hijacked npm cryptocurrency packages exfiltrate sensitive environment variables via obfuscated scripts and pose risks to open source ecosystems. | www.sonatype.com
Learn what open source vulnerabilities are, their impact, and how open source vulnerability management tools can reduce your business’s risk exposure. | www.sonatype.com
Simplify Software Bill of Materials compliance while cataloging, enhancing, and monitoring effortlessly with SBOM Manager. Learn more! | www.sonatype.com
Learn about the danger of open source malware and software vulnerabilities in Sonatype's Open Source Malware Resource Hub. | www.sonatype.com
Sonatype's automated malware detection systems identified a malicious PyPI package called crytic-compilers, connected to Russia-linked Lumma Windows stealer, and named very closely after a well-known legitimate Python library that is used by cryptocurrency developers. | www.sonatype.com
Unite security and developers to accelerate digital innovation without sacrificing security or quality across the software supply chain with Sonatype. | www.sonatype.com
Automatically find and fix open source vulnerabilities at every stage of the SDLC. Learn how Sonatype Lifecycle can help deliver quality code fast. | www.sonatype.com
Manage components, binaries & build artifacts across your software supply chain. Your single source of truth to store & distribute software quickly & reliably. | www.sonatype.com