Sonatype Repository Firewall

Customer spotlight: Discover how Sonatype is helping lead the way in software supply chain security
Sonatype | Customer Stories, Customer Success, Customers, Sonatype Lifecycle, Sonatype Nexus Repository, Sonatype Repository Firewall
With 2025 in full swing, it's clear this year will be transformational as the open source landscape continues to evolve faster than ever. Helping developers navigate this environment is why Sonatype exists, ...

Fake Solana packages target crypto devs, abuse Slack & ImgBB for data theft
Ax Sharma | cryptocurrency, malicious code npm, Malware, Nexus Firewall, npm, Sonatype Repository Firewall, Vulnerabilities, vulnerability
Recently discovered malicious packages on the npmjs.com registry named "solanacore," "solana-login," and "walletcore-gen" target Solana crypto developers with Windows trojans and malware capable of keylogging and sensitive data exfiltration. Furthermore, these packages ...

Sonatype customers leading with innovation in the new year
Sonatype | Customer Stories, Customer Success, Software Supply Chains, Sonatype Lifecycle, Sonatype Nexus Repository, Sonatype Repository Firewall
As we kick off 2025, software's role in our daily lives has never been more apparent, and the integrity of our open source components has never been more important. We have the ...

Counterfeit Lodash attack leverages AnyDesk to target Windows users
Ax Sharma | application vulnerabilities, malware prevention, Nexus Firewall, Sonatype Repository Firewall, vulnerability
npm packages recently identified by Sonatype are named similarly to the vastly popular JavaScript library, lodash. These packages abuse typosquatting and carry within them a modified version of the AnyDesk utility to target ...

Crypto enthusiasts flood npm with more than 281,000 bogus packages overnight
Crypto enthusiasts have lately been flooding software registries like npm and PyPI with thousands of bogus packages that add no functional value and instead put a strain on the entire open source ...

Npm packages conceal macOS malware in ‘travis.yml’ files, drop bogus “Safari Updates”
Three npm packages identified by Sonatype this week conceal malware in "travis.yml," a CI/CD build configuration file used by Travis CI. These packages contain metadata, description, and code copied from the legitimate ...

Exploit creator selling 250+ reserved npm packages on Telegram
Recently, the Sonatype Security Research team identified more than 250 npm packages which are lucrative and convincing exploits, because these are named exactly like the open source projects coming from Amazon Web ...

‘cors-parser’ npm package hides cross-platform backdoor in PNG files
Ax Sharma | Malware Analysis, malware prevention, Nexus Firewall, npm, Sonatype Repository Firewall, Vulnerabilities
'cors-parser' is neither a cure for Cross-Origin Resource Sharing (CORS) vulnerabilities nor a "parser" for interpreting same-origin policies of a website. Instead, the npm package employs a form of steganography to download ...

Russia-linked ‘Lumma’ crypto stealer now targets Python devs
Ax Sharma | Malware Analysis, malware prevention, PyPI, Sonatype Repository Firewall, Vulnerabilities
Imagine being a developer who's building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build that does ...

PyPI crypto-stealer targets Windows users, revives malware campaign
Ax Sharma | FEATURED, Malware Analysis, Nexus Firewall, PyPI, python, Sonatype Repository Firewall, Vulnerabilities
Sonatype has discovered 'pytoileur', a malicious PyPI package hiding code that downloads and installs trojanized Windows binaries capable of surveillance, achieving persistence, and crypto-theft. Our discovery of the malware led us to ...