$: DevZone |

Life is hard. Dependencies don't have to be.

Breaking news, security deep dives, developer culture and coffee from the stewards of Maven Central.

In Numbers

Our automated system has discovered a total of


packages that are malicious, suspicious, or proof of concept since 2019

We've helped take down


malicious packages from open registries and publicly disclosed them through our channels.

Last Updated: June 19, 2023

Upcoming Events

Cyber Security Summit LA

Los Angeles, CA

Nov 30

Stay In the Know

Sign up for the DevZone newsletter.

Have an awesome story, news tip, a suggestion to share? Drop our editorial team a note at devzone@sonatype.com