Hot Topics

malware prevention

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’

| | malware prevention, Nexus Firewall, OSS security, Sonatype Repository Firewall, Vulnerabilities
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
Sonatype Blog
CVE-2023-50164: Another vulnerability in the widely used Apache Struts2 component

CVE-2023-50164: Another vulnerability in the widely used Apache Struts2 component

| | Apache Struts2, DevZone, malware prevention, Vulnerabilities
Yet another remote code execution vulnerability in Apache’s Struts2 Framework has been discovered - leaving many with strong feelings of Deja Vu. If you're a developer, it's not unreasonable to be concerned ...
Sonatype Blog
Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack

Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack

| | DevZone, malware prevention, Sonatype Lifecycle, Sonatype Repository Firewall, Vulnerabilities
Earlier today, Ledger, a maker of hardware wallets for storing crypto, announced that they had identified malicious software embedded in one of their open source packages called @ledgerhq/connect-kit. This package is widely ...
Sonatype Blog

Pandora Malware On Android TV: Safeguard Yourself Today

| | Android TV, Cybersecurity News, cybersecurity threats, Cybersecurity tips, DDoS attacks, firmware security, malicious apps, Malicious Firmware Updates, malware prevention, Mirai Malware, Pandora Malware, Smart TV Security, Smart TV Vulnerability
Popular for media streaming, low-cost Android TV set-top boxes are facing a new threat: a form of the Mirai malware botnet, which has recently attacked millions of these devices. This Pandora malware ...
TuxCare

A Closer Look: Differentiating Software Vulnerabilities and Malware

| | DevZone, malware prevention, open source, software supply chain, Sonatype Lifecycle, Sonatype Repository Firewall, Vulnerabilities
In today’s interconnected digital world, vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain. While these two terms may appear synonymous ...
Sonatype Blog
Malware Monthly - March 2023

Malware Monthly – March 2023

| | DevZone, FEATURED, Malware Monthly, malware prevention, npm, PyPI, Vulnerabilities
  ...
Sonatype Blog
Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem

Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem

| | FEATURED, malware prevention, Nexus Firewall, Nexus Platform, secure software supply chain, software supply chain automation
  ...
Sonatype Blog
Sonatype Repository Firewall is an Easy Solution for a Big Problem

Sonatype Repository Firewall is an Easy Solution for a Big Problem

| | FEATURED, malware prevention, secure software supply chain, software supply chain automation, Sonatype Platform, Sonatype Repository Firewall
  ...
Sonatype Blog
Manage Open Source Risk With Improved Malware Detection

Manage Open Source Risk With Improved Malware Detection

| | DevZone, FEATURED, malware prevention, open source security risks, secure software supply chain
Malware targeting developers is a major concern that the industry is struggling to catch up with. We know open source software supply chain attacks are a problem with an estimated 700% increase ...
Sonatype Blog
[New Live Series] Dev Chat with Dan Conn: Beware of Malware

[New Live Series] Dev Chat with Dan Conn: Beware of Malware

| | DevZone, Malware Analysis, malware prevention, News and Views, Sonatype Live Series
  ...
Sonatype Blog
Load more