Sonatype introduces next-generation dependency management | Press release

Nexus Intelligence Insights


Deep dive into Sonatype Security Research

See incredible research performed (24x7x365) by our team. Learn how open source exploits work. Get expert guidance on how to remediate risk.

2 New RubyGems laced with cryptocurrency stealing malware taken down

This month, RubyGems removed 2 gems from its open source software repository that contained malicious code. These gems, tracked as sonatype-2020-1222 by us, are:


There’s a RAT in my code: new npm malware with Bladabindi trojan spotted

Over the Thanksgiving weekend, Sonatype discovered new malware within the npm registry. This time, the typosquatting packages identified by us are laced with a popular Remote Access Trojan (RAT).


Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware


Discord.dll: successor to npm “fallguys” malware went undetected for 5 months

This week, the Sonatype Security Research team has identified a series of counterfeit components in the npm ecosystem. These intentionally malicious packages seem to be doing similar, shady things


Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

Just months after Octopus Scanner was caught infecting 26 open-source projects on GitHub, new reports have already surfaced of another, new sophisticated malware infection. Gitpaste-12, a worming


Trick or treat: that `twilio-npm` package is brandjacking malware in disguise!

As if the increasing attacks on the open source ecosystem and vulnerabilities making headlines weren’t scary enough events, this Halloween devs were exposed to another malicious trick


Discord squashes critical Electron bugs: open source attacks continue to grow

My colleague has two kids, ages 9 and 12. Since the COVID lockdowns they have been playing more online games and each of them uses Discord to chat with their friends during gameplay. Did my


Sonatype finds malicious npm packages which broadcast your IP, username, and device fingerprint info on the web

Sonatype researchers discovered and confirmed the presence of two new vulnerable npm packages. Sonatype’s discovery was initially made by its malicious code detection bots. By applying machine


Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software

This weekend a report emerged of mysterious npm malware stealing sensitive information from Discord apps and web browsers installed on a user’s machine.


From Prototype Pollution to full-on remote code execution, how can adversaries exploit npm modules?

The NodeJS component express-fileupload - touting 7 million downloads from the npm registry - now has a critical Prototype Pollution vulnerability.


Nexus Intelligence Insights: CVE-2020-13935 - Apache Tomcat Websocket - Denial of Service (DoS)

For July’s Nexus Intelligence Insight we take a deep dive into a Denial of Service (DoS) vulnerability impacting the popular Apache Tomcat Websocket component.


Nexus Intelligence Insights: xlsx aka SheetJS - Regular Expression Denial of Service (ReDoS) and sonatype-2018-0622

For this month’s Nexus Intelligence Insights, we explore an interesting case of ReDoS vulnerability impacting the popular npm component, SheetJS, also known as “xlsx”. It may pique your interest


Nexus Intelligence Insights: Protect Your Bitcoin from 700+ Malicious RubyGems with sonatype-2020-0196

Last week news broke about how 700 typosquatting libraries had made their way into the famous RubyGems repository. The complete list, first published by Reversing Labs, reveals how crafty