We are in the midst of a wave of low-cost, high damage techniques by hackers in the wild. Bad actors are finding easy, inventive, and well-disguised ways around common security measures by targeting the open source building blocks of software. These include typosquatting, dependency confusion, and malware injection, of which Sonatype’s automated malware detection has caught upwards of 63,000 packages to date.
Article Link: Scale Developer Security with Expanded Nexus Platform Features