Malicious open-source packages are an unseen but rapidly growing threat to U.S. government. A 92% spike in identified ...
The company is to offer bug bounty awards for people who report security vulnerabilities in third-party and open source ...
HYDERABAD, India, Dec. 10, 2025 /PRNewswire/ -- Sonatype, the pioneer in software supply chain security, announced the launch ...
When official systems can't support everyday workflows, employees turn to spreadsheets — creating "shadow spreadsheets" that ...
Researchers earned a total of $320,000 at the Zeroday.Cloud live hacking competition of cloud security giant Wiz.
AI-driven DevSecOps company Sonatype has come forward with Sonatype Guide. This is a developer tool designed to make AI-assisted software development faster and safer. With so many AI coding ...
In a nod to the evolving threat landscape that comes with cloud computing and AI and the growing supply chain threats, Microsoft is broadening its bug bounty program to reward researchers who uncover ...
At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...
Should you ever turn off Windows Security? It's tricky, but here's my rule of thumb ...
Security headlines distract, but the threats keeping CISOs awake are fundamental gaps and software supply chain risks. Learn why basics and visibility matter most.
Fast forward two years or so, and Nunchuk has carved itself a solid niche within the Bitcoin industry. It is the only open ...
Software supply chain management firm Sonatype Inc. today announced the launch of Sonatype Guide, a new developer tool that ...