“Something expired deep inside / The day the music died” Earlier this week, the music streaming service Spotify went down for about…
The NodeJS component express-fileupload - touting 7 million downloads from the npm registry - now has a critical Prototype Pollution…
Blockchain? I'm not sure what it is, but I know that bitcoin used to be worthless and now is worth…
An analysis of high performance open source development practices
In addition to regular vulnerability data research, the Sonatype Security Research Team also contributes to the open-source community by going…
We’ve been working to integrate component intelligence from Nexus Lifecycle directly into source control management (SCM) systems so that developers…
For July’s Nexus Intelligence Insight we take a deep dive into a Denial of Service (DoS) vulnerability impacting the popular…
We are excited to announce the official release of Nexus Repository 3.25. Delivering on much anticipation from the Nexus community,…
With the Defensics SDK, you can create fuzzing test suites for any type of data. In this article, we demonstrate…
Editor's Note: This post was originally shared internally. With the author's permission it is shared here so that prospective coworkers…