Login Contact Us Book a Demo

The Sonatype Newsroom

Explore Sonatype's latest announcements, media coverage, threat research, brand assets, and more.

Featured News and Stories

November 20, 2025

Sonatype Intelligence Reveals CVE Program Leaves Majority of Vulnerabilities Unscored

Inconsistent and delayed open source vulnerability data results in 150,000 false negatives, leaving AI-driven development pipelines exposed Fulton, ...

Read More

white logo of

The Hidden Vulnerability of The Open Source Software Supply Chain: The Underlying Infrastructure

September 29, 2025

white logo of

When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise

September 15, 2025

Press Releases

vulnerabilities ,  News and Views ,  sonatype intelligence

Sonatype Intelligence Reveals CVE Program Leaves Majority of Vulnerabilities Unscored

November 20, 2025
Read More
News and Views ,  Product ,  AI

Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform to Secure and Accelerate Software Innovation

November 19, 2025
Read More
News and Views

Sonatype Celebrates Grand Opening of India Innovation Hub in Hyderabad

November 10, 2025
Read More
News and Views

Sonatype Announces 2025 Elevate Award Winners & Finalists

October 20, 2025
Read More
Open Source ,  News and Views ,  Malware

Open Source Malware Surges 140% in Q3 as Attackers Target Data and Trusted Dependencies

October 15, 2025
Read More
News and Views

Sonatype Named a Visionary on the 2025 Gartner® Magic Quadrant™ for Application Security Testing

October 14, 2025
Read More
See All Press Releases

Sonatype Threat Research

Powering unmatched visibility and insights

Sonatype’s world-class Security Research team leads the market in identifying and analyzing threats within the open source ecosystem. With a combination of automated intelligence, expert analysis, and secondary expansion, the team uncovers new forms of open source malware, software supply chain attacks, and emerging vulnerabilities. From in-depth reports to real-time threat detection, Sonatype Security Research powers the insights that keep our customers ahead of adversaries and sets the standard for trust in software development.

Learn more

In the News

DevOps Digest

Sonatype Unveils Nexus One

November 19, 2025
Continue
Outlook-Logo

Building Trust in the Age of AI: Sonatype CEO Bhagwat Swaroop on Why India is the Future of Software Security

November 14, 2025
Continue
infosecurity-magazine-logo-2023-removebg-preview

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

November 13, 2025
Continue
AIM-logo-black

Why Sonatype Bets Big on Hyderabad as Its Open-Source Security Hub

November 12, 2025
Continue
SD-Times-Logo-1

What the Dev? A developer's Hippocratic Oath in the age of AI (with Sonatype's Mitchell Johnson)

November 11, 2025
Continue
The_Hindu_logo.svg

U.S. firm Sonatype opens AI innovation hub in Hyderabad

November 11, 2025
Continue
See All Media
SSCR - Computer Display (1)

10th Annual State of the Software Supply Chain Report

Sonatype was the first to share year-over-year analyses of open source consumption and threat data. For over a decade, the State of the Software Supply Chain® Report has provided developers and security teams with insights into trends, risks, and threats related to open source software — ultimately helping them better understand and manage their software supply chains.

Learn more

Press Kit

Access some basic statistics, descriptions, and brand assets you may find helpful when writing about Sonatype.
Contact PR Team
2008
year founded in Fulton, Maryland
0
+
employees from 50 countries and 15 languages
0
+
organizations supported, including 70% of Fortune 100
15 million
developers rely on Sonatype
Fulton, MD
headquarters
Maven Central
stewards

Logos

Access our collection of approved corporate logos and brand guidelines for use.
Download

Leadership

Find high-resolution photos of our fearless innovators on the executive team.
Download

Product

Find individual logos for products within the Sonatype Platform.
Download