The Hacker News

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
TheServerSide

The top Java deployment tools to use on your next project

As software development teams get larger, application packaging and deployment tasks become much harder. Handwritten scripts and low-level JDK utility calls just don't scale as teams grow, which is ...
heise online

Google's vulnerability scanner checks container layers and Maven projects

Google has released the second version of its vulnerability scanner for open-source projects, which now performs in-depth analyses in complex projects and containers. It also supports Java projects ...