IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom

Sonatype Stories

UK Stories

Sonatype stories

Global Stories

Sonatype stories

Sonatype flags 176 npm packages in dependency attack
Malware

Sonatype flags 176 npm packages in dependency attack

Developers using npm could have secrets exposed as 176 malicious packages were set up to hijack dependency resolution and run postinstall malware.

By Sofiah Nichole Salivio 4 min read This month
Sonatype joins Linux Foundation registry working group
DevOps

Sonatype joins Linux Foundation registry working group

Sonatype joins Linux Foundation registry working group to tackle funding, governance and security pressures as package downloads near 10 trillion.

By Joseph Gabriel Lagonsin 4 min read Last month
Sonatype warns of surge in trusted open-source malware
Application Security

Sonatype warns of surge in trusted open-source malware

Attackers hid malware in familiar package workflows, prompting Sonatype to log 21,764 malicious open-source packages in the quarter.

By Shannon Williams 4 min read Wed, 15th Apr 2026
Sonatype finds live data beats larger AI models on upgrades
DevOps

Sonatype finds live data beats larger AI models on upgrades

Sonatype says smaller AI tied to live software data can outsecure larger models on dependency upgrades, slashing risk and cost.

By Shannon Williams 4 min read Wed, 25th Mar 2026
Sonatype updates Repository Firewall to target open-source malware
Virtualisation

Sonatype updates Repository Firewall to target open-source malware

Sonatype enhances Repository Firewall to proactively block open source malware, integrating Zscaler and supporting Docker and AI models for robust DevSecOps protection.

By Kaleah Salmon 4 min read Thu, 1st May 2025
Sonatype reports rise in open source malware to 17,954
Malware

Sonatype reports rise in open source malware to 17,954

Sonatype's latest Open Source Malware Index reveals a staggering rise in malware, with over 17,900 packages identified in Q1 2025, reflecting evolving threats.

By Catherine Knowles 3 min read Thu, 3rd Apr 2025
Sonatype launches AI tool to secure open source tech use
DevOps

Sonatype launches AI tool to secure open source tech use

Sonatype has unveiled its new AI Software Composition Analysis capabilities to enhance security and governance for open source AI technologies in enterprises.

By Catherine Knowles 3 min read Fri, 7th Mar 2025
Open source malware up 156%, Sonatype research shows
Malware

Open source malware up 156%, Sonatype research shows

Sonatype's latest research reveals a shocking rise in open source malware, with over 778,500 malicious packages detected in 2024, primarily affecting government organisations.

By Catherine Knowles 2 min read Fri, 13th Dec 2024
Sonatype & OpenText unite for enhanced app security
Application Security

Sonatype & OpenText unite for enhanced app security

Sonatype and OpenText have partnered to create an integrated platform that enhances application security, streamlining compliance and risk management.

By Imee Dequito 2 min read Fri, 22nd Nov 2024
Sonatype named leader in software analysis by Forrester
Supply Chain

Sonatype named leader in software analysis by Forrester

Sonatype has been named a leader in Software Composition Analysis by Forrester, praised for its high performance in security and dependency management.

By Sean Mitchell 2 min read Wed, 20th Nov 2024
Sonatype report highlights rising threats in open source
Supply Chain

Sonatype report highlights rising threats in open source

Sonatype's latest report reveals open source software now comprises 90% of modern development, with a staggering 156% rise in malicious packages.

By Catherine Knowles 3 min read Tue, 15th Oct 2024
Sonatype brings software security tools to AWS Marketplace
Hyperscale

Sonatype brings software security tools to AWS Marketplace

Sonatype's SBOM Manager and Nexus Repository are now available on AWS Marketplace, offering AWS users enhanced software supply chain security and management.

By Kaleah Salmon 3 min read Tue, 30th Jul 2024
Sonatype launches SBOM Manager to enhance software security
Software-as-a-Service

Sonatype launches SBOM Manager to enhance software security

Sonatype releases its SBOM Manager, a crucial tool to help organisations track and manage software components.

By Shannon Williams 4 min read Mon, 8th Jul 2024
Sonatype unveils system revolutionising open source code security
Supply Chain

Sonatype unveils system revolutionising open source code security

Sonatype pioneers a system that detects hidden security threats in open-source code, uncovering more than 4.5 million previously undetected vulnerabilities.

By Shannon Williams 3 min read Tue, 7th May 2024
Sonatype launches new SBOM Manager at KubeCon Europe
Supply Chain

Sonatype launches new SBOM Manager at KubeCon Europe

Sonatype debuts its innovative SBOM Manager at KubeCon Europe, offering companies improved compliance and cybersecurity in software supply chains.

By Catherine Knowles 3 min read Fri, 22nd Mar 2024
Sonatype and HackerOne partner on open source vulnerability reporting
Partner Programmes

Sonatype and HackerOne partner on open source vulnerability reporting

Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.

By Staff Writer 3 min read Mon, 25th Mar 2019
Huge vulnerabilities in software supply chain being exploited
DevOps

Huge vulnerabilities in software supply chain being exploited

A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.

By Ashton Young 3 min read Thu, 4th Oct 2018

Stories from Other Regions

Sonatype stories