blog.sonatype.com

Sonatype Blog

Latest posts

Last updated about 12 hours ago

Three New React Vulnerabilities Surface on the Heels of React2Shell

about 12 hours ago

CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779 require immediate attention

Unnecessary Risk: The Persistence of Open Source Vulnerabilities

3 days ago

Log4Shell was supposed to be the wake-up call that changed everything. Four...

Sonatype Guide: Giving AI the Context It Needs

4 days ago

AI coding assistants promised to transform software development. And in many ways,...

React2Shell: RCE Vulnerabilities Require Immediate Attention

9 days ago

CVE-2025-55182 & CVE-2025-66478 — Critical Deserialization RCE in React Server Components As...

Accelerate DevOps with Sonatype's Multi-Product AWS Offering

9 days ago

Organizations building modern applications are constantly pressured to deliver software faster without...

CRA and AI Regulation: What's Next for Software Compliance?

10 days ago

The days of postponing cyber regulations are over.

How MOSA Principles Will Reshape the DoD RMF

18 days ago

The Department of Defense (DoD) faces the dual imperative of accelerating technology...

The Second Coming of Shai-Hulud: Attackers Innovating on npm

18 days ago

The Shai-Hulud campaign is back, but this time with improved automation, persistence...

Why the World's Vulnerability Index Cannot Keep Up

23 days ago

The Common Vulnerabilities and Exposures (CVE) system has been called the backbone...

The Shift Toward Unified Platforms in Application Security

24 days ago

Modern software delivery has never been more complex, or more interconnected.

Unprecedented Automation: IndonesianFoods Pits Open Source Against Itself

about 1 month ago

Over the past year, we've seen a steady drumbeat of supply chain...

Mastering Software Governance in Air-Gapped Critical Mission Environments

about 1 month ago

In national security and defense, air-gapped networks remain the gold standard for...