Contact Us Book a Demo

The Sonatype Newsroom

Explore Sonatype's latest announcements, media coverage, threat research, brand assets, and more.

Featured News and Stories

October 15, 2025

Open Source Malware Surges 140% in Q3 as Attackers Target Data and Trusted Dependencies

Sonatype’s OS Malware Index reveals record growth in sophisticated, stealth-first attacks — driven by campaigns targeting npm like the chalk and ...

Read More

white logo of

The Hidden Vulnerability of The Open Source Software Supply Chain: The Underlying Infrastructure

September 29, 2025

white logo of

When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise

September 15, 2025

Press Releases

News and Views

Sonatype Announces 2025 Elevate Award Winners & Finalists

October 20, 2025
Read More
Open Source ,  News and Views ,  Malware

Open Source Malware Surges 140% in Q3 as Attackers Target Data and Trusted Dependencies

October 15, 2025
Read More
News and Views

Sonatype Named a Visionary on the 2025 Gartner® Magic Quadrant™ for Application Security Testing

October 14, 2025
Read More
News and Views ,  Product

Sonatype Launches Nexus Repository Cloud for the Gen AI Era

October 8, 2025
Read More
News and Views

Sonatype Appoints Cybersecurity Veteran Bhagwat Swaroop as CEO

July 29, 2025
Read More
News and Views ,  Product

Sonatype Solutions Now Available in the New AWS Marketplace AI Agents and Tools category

July 16, 2025
Read More
See All Press Releases

Sonatype Threat Research

Powering unmatched visibility and insights

Sonatype’s world-class Security Research team leads the market in identifying and analyzing threats within the open source ecosystem. With a combination of automated intelligence, expert analysis, and secondary expansion, the team uncovers new forms of open source malware, software supply chain attacks, and emerging vulnerabilities. From in-depth reports to real-time threat detection, Sonatype Security Research powers the insights that keep our customers ahead of adversaries and sets the standard for trust in software development.

Learn more

In the News

CyberScoop logo

Behind the struggle for control of the CVE program

October 20, 2025
Continue
ISMS Logo

What an npm Attack Says About the Risks of Open-Source Software

October 16, 2025
Continue
eWeek

Open Source Malware Surges 140% in Q3

October 15, 2025
Continue
techround

What Is Open Source Malware And Why Is It So High?

October 15, 2025
Continue
BetaNews-logo

Open source malware up 140 percent

October 15, 2025
Continue
DevOps Digest

Sonatype Launches Nexus Repository Cloud

October 8, 2025
Continue
See All Media
SSCR - Computer Display (1)

10th Annual State of the Software Supply Chain Report

Sonatype was the first to share year-over-year analyses of open source consumption and threat data. For over a decade, the State of the Software Supply Chain® Report has provided developers and security teams with insights into trends, risks, and threats related to open source software — ultimately helping them better understand and manage their software supply chains.

Learn more

Press Kit

Access some basic statistics, descriptions, and brand assets you may find helpful when writing about Sonatype.
Contact PR Team
2008
year founded in Fulton, Maryland
0
+
employees from 50 countries and 15 languages
0
+
organizations supported, including 70% of Fortune 100
15 million
developers rely on Sonatype
Fulton, MD
headquarters
Maven Central
stewards

Logos

Access our collection of approved corporate logos and brand guidelines for use.
Download

Leadership

Find high-resolution photos of our fearless innovators on the executive team.
Download

Product

Find individual logos for products within the Sonatype Platform.
Download