Sonatype Government IT News

February 19, 2024
NPM Hijackers at it Again: Popular ‘coa’ and ‘rc’ Open Source Libraries Taken Over to Spread Malware

2023 White House National Cybersecurity Strategy Guidance

Know everything you need to know about the Biden-Harris Administration’s call for cybersecurity liability and new investment in critical cybersecurity infrastructure. Get your ...

October 03, 2023

Introducing Sonatype's 9th Annual State of the Software Supply Chain report

In our fast-paced digital world, striving for excellence is an ongoing journey marked by the relentless pursuit of innovation, efficiency, and a focus on the essential ...

June 15, 2023

Sonatype Named a Leader in Software Composition Analysis (SCA)

Sonatype, the pioneer of software supply chain management, is pleased to announce that it has been recognized as a Leader in The Forrester Wave™: Software Composition Analysis, ...

March 27, 2023

Cyber-readiness and Changing Federal Government SBOM Requirements

President Biden’s Executive Order 14208, “Improving the Nation’s Cybersecurity,” was a major step toward regulating the software supply chain in the US and was spurred by ...

March 02, 2023

White House National Cybersecurity Strategy: Landmark Action for a Critical Threat

The last decade has seen increased reliance on software across every part of our lives. In parallel, we’ve seen a massive increase in attacks on this digital infrastructure, ...

January 26, 2023

Part 3: The Shifting Landscape of Open Source Supply Chain Attacks

When lives are on the line, the stakes are raised. It also presents a critical question and brings us to the focus of our third and final post: who’s responsible, and how do ...

January 25, 2023

Part 2: The Shifting Landscape of Open Source Supply Chain Attacks

Sonatype’s involvement since the inception of open source security gives us a unique perspective on supply chain security. As we see it, there are three distinct phases of the ...

August 03, 2022

Biden's Cybersecurity Executive Order fuels seismic changes in software development practices

President Biden’s Executive Order on Improving the Nation’s Cybersecurity has driven wide-scale changes in software development practices in both the UK and US in the two years ...

January 29, 2019

Total Economic Impact Study Reveals $14,000 Savings per Developer

Sonatype released a commissioned study conducted by research of organizations using the Nexus Platform and their ROIs and more increased profits.

January 29, 2019

Equifax Chose Sonatype

Sonatype, the Nexus company and a continuous delivery leader, today announced that Equifax Inc. has selected Sonatype’s Nexus platform to manage and monitor its ...

January 25, 2019

Sonatype recognized as leading Provider of Software Composition Analysis

Sonatype, the leader in automated open source governance, announced it has been recognized as one of five “large” SCA Specialists in Forrester Research’s new Now Tech: ...

October 12, 2018

Sonatype Partners with All Day DevOps to Educate More Than 1 Million People Through an Expanded 2018 Program

All Day DevOps and Sonatype partnered to host the largest conference of high quality educational content to more than 1 million IT professionals to focus on DevOps.

September 25, 2018

Sonatype’s 2018 State of the Software Supply Chain Report Reveals Use of Vulnerable Open Source Increased 120%, Despite Equifax Breach

Sonatype today released its fourth annual

September 25, 2018

Micro Focus Extends Partnership with Sonatype to Bring Best-in-Class Open Source Security to all Fortify Customers

Today, Sonatype, the leader in automated open source governance and application security, and Micro Focus, creator of

November 20, 2017

The Modern Way to Develop Safe Code

Today’s guest is Derek Weeks, VP and DevOps Advocate at Sonatype. The discussion today highlights what has happened to software development in the past ten years. Rather ...

August 31, 2016

Government Spotlight: DevOps Accelerates Cyber Security

In 2010, a 7.0-magnitude earthquake devastated Haiti. The quake killed an estimated 230,000 people and sparked a massive global assistance response. We all remember this ...

August 19, 2016

Derek Weeks: A closer look at software supply chain

The software world is being flooded with open source product. In fact, the federal government has an open-source-first policy. But maybe it's time to stop and think about ...

July 29, 2016

Government Asks: What’s in Your Software?

Multiple agencies across the U.S. government are paying closer attention to the software they are buying. More specifically, they want to know what open source and third party ...

July 22, 2016

Protecting the open source software supply chain

What: The 2016 State of the Software Supply Chain report from Sonatype detailing the use of open source components in software.

February 26, 2015

Sonatype’s Nexus Repository Manager Installs Double in Last 18 Months, Reinforcing Dominant Market Share Position

Sonatype, the Nexus company and a continuous delivery leader, today announced that its Nexus repository manager usage has doubled in the last 18 months (July 2013 to February ...