Developer Tech

Sonatype Guide brings DevSecOps to AI coding

Sonatype Guide aims to secure AI coding workflows, aligning generation speed and increased productivity with DevSecOps safety ...

Sonatype debuts guide to secure AI-assisted software development

Software supply chain management firm Sonatype Inc. today announced the launch of Sonatype Guide, a new developer tool that ...

Sonatype Introduces Guide, the Intelligent Solution for Secure Agentic Development

Enhanced Open Source Software (OSS) Search for Instant Decisions: A modern search experience that instantly surfaces the lowest-effort, highest-impact fixes and upgrade choices — giving developers ...

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.