Collaborate Disseminate
We are excited to announce Azure Blob Storage support with Nexus Repository Pro available in 3.30 release! Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud Platform. As cloud-native arch… Continue reading New in Nexus Repository 3.30: Microsoft Azure Blob Storage Support for Expanded Cloud Platform Deployments
We are excited to announce Azure Blob Storage support with Nexus Repository Pro available in 3.30 release! Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud Platform. As cloud-native arch… Continue reading New in Nexus Repository 3.30: Microsoft Azure Blob Storage Support for Expanded Cloud Platform Deployments
As news continues to cascade on a recent dependency hijacking software supply chain attack, detection of dependency confusion, a.k.a. namespace confusion, copycat packages are on the rise. These counterfeit packages, presenting the same attack met… Continue reading Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from “Dependency Confusion” Attacks
Does reducing friction help a business grow? Can security teams take friction away from users and make authentication seamless? “High-grade security” coupled with “low to no friction” is the future of successful online engagement between companies and … Continue reading Reducing Signup & Login Friction
The shutdown of Bintray and JCenter comes as a rough entry in the 2021 Bingo card for many developers – most Android projects as well as Gradle and many others publish their artifacts via Bintray into JCenter. The migration timelines are tight for… Continue reading The Central Repository Stands to Support Sailors from Bintray – 3 steps to take now to protect your builds from failing
We know the news about JFrog sunsetting Bintray/JCenter has been unsettling for many. Our goal is to make the migration to The Central Repository as easy as possible – whether you’re just consuming components or if you’re publishing them as well. … Continue reading What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository
If you’re freaking out because JFrog announced it’s sunsetting Bintray and JCenter, and are concerned about moving your Java components into The Central Repository, I want to first and foremost say – don’t worry. We’re here for you and I personall… Continue reading Dear Bintray and JCenter Users – Here’s What You Need to Know About The Central Repository
On January 16th, Sonatype became aware of 3 malicious packages that were published to npm, and leveraged brandjacking and typosquatting techniques that we previously warned about.
The post CursedGrabber strikes again: Sonatype spots new malware c… Continue reading CursedGrabber strikes again: Sonatype spots new malware campaign against Software Supply Chains
On January 7th, Sonatype became aware of 3 malicious brandjacking components which were published to the Maven Central Repository in the last week of 2020.
The post Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community… Continue reading Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community
As you may have seen, we at Sonatype have been following the SolarWinds’ software supply chain security breach closely. We’ve simultaneously been reviewing and analyzing our own environments to confirm we are not impacted by this security vulnerab… Continue reading Does the SolarWinds’ Orion Security Advisory Impact Sonatype’s Product?