Login Contact Us Book a Demo

The Sonatype Newsroom

Explore Sonatype's latest announcements, media coverage, threat research, brand assets, and more.

Featured News and Stories

May 6, 2026

Sonatype and Package Registry Leaders Unite to Address Open Source Sustainability Crisis

New Linux Foundation initiative convenes registry leaders to develop shared approaches to funding, governance, and long-term ecosystem resilience.

Read More

white logo of

Open source devs consider making hogs pay for every download

February 28, 2026

white logo of

If consequences matter, they should apply to vendors, too

March 11, 2026

Press Releases

Open Source ,  News and Views

Sonatype and Package Registry Leaders Unite to Address Open Source Sustainability Crisis

May 6, 2026
Read More
News and Views ,  Malware ,  Sonatype Research

Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

April 14, 2026
Read More
News and Views ,  AI ,  Sonatype Research

Sonatype Research Finds AI Coding Safety Gains Rely on Real-Time Software Intelligence, Not Just Larger Models

March 24, 2026
Read More
Software Supply Chain ,  News and Views ,  Sonatype Research

Sonatype Research Reveals OSS Malware Grows 75% as Yearly Open Source Downloads Surpass 9.8 Trillion

January 28, 2026
Read More
News and Views ,  Product ,  AI

Sonatype Introduces Guide, the Intelligent Solution for Secure Agentic Development

December 9, 2025
Read More
News and Views ,  Sonatype Research

Sonatype Intelligence Reveals CVE Program Leaves Majority of Vulnerabilities Unscored

November 20, 2025
Read More
See All Press Releases

Sonatype Threat Research

Powering unmatched visibility and insights

Sonatype’s world-class Security Research team leads the market in identifying and analyzing threats within the open source ecosystem. With a combination of automated intelligence, expert analysis, and secondary expansion, the team uncovers new forms of open source malware, software supply chain attacks, and emerging vulnerabilities. From in-depth reports to real-time threat detection, Sonatype Security Research powers the insights that keep our customers ahead of adversaries and sets the standard for trust in software development.

Learn more

In the News

The Hacker News

2026: The Year of AI-Assisted Attacks

May 4, 2026
Continue
Devops.com-logo

Eclipse Foundation Unfurls Managed VSX Registry Service

April 21, 2026
Continue
SC Media logo

The Human Aspect of Red Teams – Brian Fox, Tom Tovar, T. Gwyddon ‘Data’ Owen – ASW #379

April 21, 2026
Continue
Betanews_logo

Open source malware sees a 21 percent increase

April 17, 2026
Continue
cybernews_logo

“Developers are not engineers:” Why Anthropic’s Mythos and other AI tools expose gaps in vulnerability reporting

April 16, 2026
Continue
IT Brew logo

The challenge of continuity in open-source development

April 15, 2026
Continue
See All Media
2026 SSCR hardcover book interior and front

2026 State of the Software Supply Chain Report

Sonatype was the first to share year-over-year analyses of open source consumption and threat data. For over a decade, the State of the Software Supply Chain® Report has provided developers and security teams with insights into trends, risks, and threats related to open source software — ultimately helping them better understand and manage their software supply chains.

Learn more

Press Kit

Access some basic statistics, descriptions, and brand assets you may find helpful when writing about Sonatype.
Contact PR Team
2008
year founded in Fulton, Maryland
0
+
employees from 50 countries and 15 languages
0
+
organizations supported, including 70% of Fortune 100
15 MILLION
developers rely on Sonatype
FULTON, MD
headquarters
MAVEN
Central stewards

Logos

Access our collection of approved corporate logos and brand guidelines for use.
Download

Leadership

Find high-resolution photos of our fearless innovators on the executive team.
Download

Product

Find individual logos for products within the Sonatype Platform.
Download