InfoWorld

Java developers get repository help

Sonatype on Tuesday is offering a tool for Java developers to manage internal Maven-based code repositories and access external Maven repositories. The company’s Nexus 1.0 product is a Maven ...
Threat Post

Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...