Login Contact Us Book a Demo

The Sonatype Newsroom

Explore Sonatype's latest announcements, media coverage, threat research, brand assets, and more.

Featured News and Stories

December 9, 2025

Sonatype Introduces Guide, the Intelligent Solution for Secure Agentic Development

New solution connects generative and agentic AI coding assistants to real-time open source intelligence to optimize development speed, reduce ...

Read More

white logo of

A concerning number of Log4j downloads are still vulnerable four years on

December 12, 2025

white logo of

Sonatype Guide aims to steer secure open source agentic development

December 12, 2025

Press Releases

News and Views ,  Product ,  AI

Sonatype Introduces Guide, the Intelligent Solution for Secure Agentic Development

December 9, 2025
Read More
vulnerabilities ,  News and Views ,  sonatype intelligence

Sonatype Intelligence Reveals CVE Program Leaves Majority of Vulnerabilities Unscored

November 20, 2025
Read More
News and Views ,  Product ,  AI

Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform to Secure and Accelerate Software Innovation

November 19, 2025
Read More
News and Views

Sonatype Celebrates Grand Opening of India Innovation Hub in Hyderabad

November 10, 2025
Read More
News and Views

Sonatype Announces 2025 Elevate Award Winners & Finalists

October 20, 2025
Read More
Open Source ,  News and Views ,  Malware

Open Source Malware Surges 140% in Q3 as Attackers Target Data and Trusted Dependencies

October 15, 2025
Read More
See All Press Releases

Sonatype Threat Research

Powering unmatched visibility and insights

Sonatype’s world-class Security Research team leads the market in identifying and analyzing threats within the open source ecosystem. With a combination of automated intelligence, expert analysis, and secondary expansion, the team uncovers new forms of open source malware, software supply chain attacks, and emerging vulnerabilities. From in-depth reports to real-time threat detection, Sonatype Security Research powers the insights that keep our customers ahead of adversaries and sets the standard for trust in software development.

Learn more

In the News

IT PRO

Shai-Hulud malware is back with a vengeance and hit more than 19,000 GitHub repositories so far — here's what developers need to know

December 25, 2025
Continue
Security Week logo

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

December 25, 2025
Continue
InfoWorld

Did your npm pipeline break today? Check your ‘classic’ tokens

December 12, 2025
Continue
IT PRO

A concerning number of Log4j downloads are still vulnerable four years on

December 12, 2025
Continue
ComputerWeekly-logo

Sonatype Guide aims to steer secure open source agentic development

December 12, 2025
Continue
DarkReading-logo

Are Trade Concerns Trumping US Cybersecurity?

December 12, 2025
Continue
See All Media
SSCR - Computer Display (1)

10th Annual State of the Software Supply Chain Report

Sonatype was the first to share year-over-year analyses of open source consumption and threat data. For over a decade, the State of the Software Supply Chain® Report has provided developers and security teams with insights into trends, risks, and threats related to open source software — ultimately helping them better understand and manage their software supply chains.

Learn more

Press Kit

Access some basic statistics, descriptions, and brand assets you may find helpful when writing about Sonatype.
Contact PR Team
2008
year founded in Fulton, Maryland
0
+
employees from 50 countries and 15 languages
0
+
organizations supported, including 70% of Fortune 100
15 million
developers rely on Sonatype
Fulton, MD
headquarters
Maven Central
stewards

Logos

Access our collection of approved corporate logos and brand guidelines for use.
Download

Leadership

Find high-resolution photos of our fearless innovators on the executive team.
Download

Product

Find individual logos for products within the Sonatype Platform.
Download