ReversingLabs Accelerates Strategy to Secure Software Supply Chain, Appoints Peter Doggart as Chief Operating Officer
Read More
Secrets Exposed: An Essential Guide to Securing Secrets in Software
Read eBook
New App Sec Series | Software Package Deconstruction
Learn More
ReversingLabs and Synopsys Join Forces to Combat Software Supply Chain Threats
Learn More

ReversingLabs Blog

When byte code bites: Who checks the contents of compiled Python files?
June 1, 2023

When byte code bites: Who checks the contents of compiled Python files?

ReversingLabs researchers identified a PyPI attack using compiled Python code to evade detection — possibly the first PYC file direct-execution attack.
Read More
The state of app sec with Chris Romeo: The year of the application is near
June 1, 2023

The state of app sec with Chris Romeo: The year of the application is near

ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.
Read More
The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential
June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’
Read More
‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?
May 31, 2023

‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?

Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?
Read More
App sec and AI: Can this new supply chain risk be contained by tools such as NeMo Guardrails?
May 30, 2023

App sec and AI: Can this new supply chain risk be contained by tools such as NeMo Guardrails?

Here's a look at this first example of tools to manage the risk from generative AI — and analysis of the scope of that risk to the software supply chain.
Read More
Q&A with ReversingLabs COO Peter Doggart: With software supply chain security, 'your brand is at stake'
May 25, 2023

Q&A with ReversingLabs COO Peter Doggart: With software supply chain security, 'your brand is at stake'

The new Chief Operating Officer at ReversingLabs, Peter Doggart, talks about the challenge of securing software supply chains — and the promise ReversingLabs offers.
Read More
The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI
May 25, 2023

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

This week: North Korean APT Lazarus uses Microsoft IIS servers to carry out espionage. Also: What’s the future of PyPI amidst continuing attacks?
Read More
Software supply chain security reality check: Practitioners reveal growing concern
May 24, 2023

Software supply chain security reality check: Practitioners reveal growing concern

In a recent survey, 300 practitioners were asked about the state of supply chain security. Here are takeaways from a webinar discussion about the survey.
Read More
PyPI paused as automated attack overwhelms admins
May 23, 2023

PyPI paused as automated attack overwhelms admins

Python Package Index was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit the pause button.
Read More
Red teaming a country: Lessons learned from Sakura Samurai's Indian government hack investigation
May 23, 2023

Red teaming a country: Lessons learned from Sakura Samurai's Indian government hack investigation

John Jackson and his Sakura Samurai crew took India up on an invitation to test the security of government websites and apps. Here are the lessons learned.
Read More
Software supply chain security: Too costly to fail — and about to get costlier
May 22, 2023

Software supply chain security: Too costly to fail — and about to get costlier

Software supply chains attack costs could exceed $80.6B by 2026, a 76% increase over 2023 losses of $45.8B, research firm finds. Here's a full rundown.
Read More
RATs found hiding in the npm attic
May 18, 2023

RATs found hiding in the npm attic

ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an infostealer that lurked on npm for months before being detected.
Read More

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain