Sonatype
Open source has a malware problem, and it’s getting worse
Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the …
Photos: Infosecurity Europe 2025, part 2
Infosecurity Europe 2025 is a cybersecurity event taking place from June 3 to 5 in London. Help Net Security is on-site and here’s a closer look at the conference. The …
Development vs. security: The friction threatening your code
Developers are driven to deliver new features quickly, while security teams prioritize risk mitigation, which often puts the two at odds. 61% of developers said that it’s …
Open-source malware doubles, data exfiltration attacks dominate
There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according …
Infosec products of the month: March 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight …
New infosec products of the week: March 7, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Outpost24, Palo Alto Networks, Red Canary, and Sonatype. Outpost24 introduces …
Sonatype AI SCA delivers visibility and control over AI/ML usage
Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI. With its expertise in open …
Open source malware up 200% since 2023
Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers …
Infosec products of the month: March 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Check Point, CyberArk, Cynerio, DataDome, …
New infosec products of the week: March 22, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Drata, GlobalSign, Ordr, Portnox, Sonatype, Tufin, and Zoom. GlobalSign …
Sonatype SBOM Manager identifies and mitigates vulnerabilities within the software supply chain
Working with the world’s largest enterprises and global policymakers to address the complexities of optimizing your software supply chain with SBOMs (Software Bill of …
The dark side of GenAI
Beyond traditional AI models, generative AI (GenAI) can create new content, images, and even entire scenarios from scratch. While this technology holds immense promise across …
Featured news
Resources
Don't miss
- Why outsourcing cybersecurity is rising in the Adriatic region
- Microsoft rolls out Windows 11 “quick recovery” feature
- Maximum severity Cisco ISE vulnerabilities exploited by attackers
- Phishing campaign targets U.S. Department of Education’s G5 portal
- Cervantes: Open-source, collaborative platform for pentesters and red teams