Open source malware up 200% since 2023

Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers …

Infosec products of the month: March 2024

Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Check Point, CyberArk, Cynerio, DataDome, …

New infosec products of the week: March 22, 2024

Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Drata, GlobalSign, Ordr, Portnox, Sonatype, Tufin, and Zoom. GlobalSign …

Sonatype SBOM Manager identifies and mitigates vulnerabilities within the software supply chain

Working with the world’s largest enterprises and global policymakers to address the complexities of optimizing your software supply chain with SBOMs (Software Bill of …

The dark side of GenAI

Beyond traditional AI models, generative AI (GenAI) can create new content, images, and even entire scenarios from scratch. While this technology holds immense promise across …

Be prepared to patch high-severity vulnerability in curl and libcurl

UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …

The root cause of open-source risk

2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses …

GenAI in software surges despite risks

In this Help Net Security video, Ilkka Turunen, Field CTO at Sonatype, discusses how generative AI influences and impacts software engineers’ work and the software …

Generative AI lures DevOps and SecOps into risky territory

Application security leaders are more optimistic than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software …

Open-source security challenges and complexities

Open source refers to software or technology that is made available to the public with its source code openly accessible, editable, and distributable. In other words, the …

Video walkthrough: Cybertech Tel Aviv 2023

Help Net Security is in Israel this week for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry and businesses from a wide range of sectors, …

A closer look at malicious packages targeting Python developers

In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …
