Sonatype is a organization tracked across 2 threat clusters and 2 intelligence report mentions on ThreatCluster. First observed April 1, 2026; most recent activity May 26, 2026.
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
Sonatype's recent articles emphasize the vulnerabilities associated with standard container scanning tools. Many organizations depend on these tools for compliance, focusing primarily on perimeter defenses such as…