Hacker News
Jscipy now available on Maven Central (sonatype.com)
1 point by hissain 74 days ago | past | 1 comment

From Abuse to Alignment: Why We Need Sustainable Open Source Infrastructure (sonatype.com)
2 points by pjmlp 6 months ago | past

Exploring Rust Language Adoption (sonatype.com)
2 points by droideqa 10 months ago | past

Fake VS Code extension on NPM uses altered ScreenConnect utility as spyware (sonatype.com)
2 points by axsharma on Feb 7, 2025 | past

State of the Software Supply Chain (2024) (sonatype.com)
1 point by livealight on Oct 24, 2024 | past

State of the Software Supply Chain (sonatype.com)
1 point by mdp2021 on Oct 11, 2024 | past | 1 comment

10th Annual State of the Software Supply Chain [pdf] (sonatype.com)
3 points by chha on Oct 10, 2024 | past

Maven Central and the Tragedy of the Commons (sonatype.com)
3 points by microflash on July 4, 2024 | past | 1 comment

Maven Central and the Tragedy of the Commons (sonatype.com)
7 points by hocuspocus on June 26, 2024 | past

NPM flooded with 748 packages that store movies (sonatype.com)
19 points by ben_s on Jan 28, 2024 | past | 8 comments

State of the Software Supply Chain (2023) (sonatype.com)
1 point by davelester on Oct 5, 2023 | past | 1 comment

NPM packages caught exfiltrating Kubernetes config, SSH keys (sonatype.com)
3 points by aa_is_op on Sept 26, 2023 | past

Malware Monthly – March 2023 (sonatype.com)
1 point by samaysharma on Aug 16, 2023 | past

Stolen Information Stealers Are Fueling an Underground Market (sonatype.com)
2 points by hortiz on Feb 28, 2023 | past

BOM Doctor: Visualise and Patch Java SBOMS (sonatype.com)
1 point by livealight on Feb 9, 2023 | past

8th Annual State of the Software Supply Chain (sonatype.com)
1 point by chha on Oct 27, 2022 | past

8th State of the Software Supply Chain Report (sonatype.com)
1 point by livealight on Oct 18, 2022 | past

PyPI package 'secretslib' drops fileless Linux malware to mine Monero (sonatype.com)
170 points by kungfudoi on Aug 12, 2022 | past | 60 comments

PyPI: Python packets steal AWS keys from users (sonatype.com)
168 points by modinfo on June 26, 2022 | past | 100 comments

PyPI, NuGet, NPM Flooded with Roblox and Fortnite Spam: Why? (sonatype.com)
2 points by livealight on Feb 15, 2022 | past

Maven Central Log4j Download Dashboard (sonatype.com)
1 point by knuckleheads on Jan 11, 2022 | past

Log4shell by the Numbers (sonatype.com)
2 points by jonbaer on Dec 15, 2021 | past

Log4shell by the numbers- Why did CVE-2021-44228 set the Internet on Fire? (sonatype.com)
1 point by livealight on Dec 14, 2021 | past

[dupe] 0-Day Vulnerability on Log4j (sonatype.com)
127 points by tbarbugli on Dec 10, 2021 | past | 4 comments

Fake NPM Roblox API Package Installs Ransomware (sonatype.com)
3 points by afrcnc on Oct 27, 2021 | past

Apache Servers Vulnerability Actively Exploited in the Wild (sonatype.com)
1 point by p4bl0 on Oct 6, 2021 | past

Apache Servers Actively Exploited in the Wild and the Importance of Patching (sonatype.com)
4 points by 1cvmask on Oct 5, 2021 | past

State of the Software Supply Chain 2021 (sonatype.com)
15 points by livealight on Sept 15, 2021 | past | 13 comments

New PyPI Cryptomining Malware (sonatype.com)
2 points by a-human on June 23, 2021 | past

New PyPI Cryptomining Malware (sonatype.com)
2 points by afrcnc on June 22, 2021 | past