SharePoint zero-day: What we know
The software supply chain incident highlights how quickly threat actors can turn newly revealed vulnerabilities into widespread attacks.
Read More about SharePoint zero-day: What we knowCarolynn van Arsdale
Writer, ReversingLabs. Carolynn is a reporter, writer, and researcher in the cybersecurity space. She has written for several publications, such as The Security Ledger and Security Boulevard. She has been involved in podcast and event production, and now produces ConversingLabs, a ReversingLabs podcast. Prior to joining ReversingLabs, Carolynn held communication roles in the non-profit and higher education spaces. Her official title at ReversingLabs is Manager, Content Marketing.
Posts from Carolynn van Arsdale
SharePoint zero-day: What we know
Why complex binary analysis is an essential tool for TPSRM
Software procurement is risky business. Learn why outdated tooling doesn’t cut it — and how modern technologies can provide much-needed transparency.
Read More about Why complex binary analysis is an essential tool for TPSRM
What is the xBOM?
Understand the difference between the SBOM and xBOM — and how it impacts software supply chain security.
Read More about What is the xBOM?
Verizon 2025 DBIR: Third-party software risk takes the spotlight
The latest Data Breach Investigations Report puts the focus squarely on third-party risk. Here’s what you need to know.
Read More about Verizon 2025 DBIR: Third-party software risk takes the spotlight
The race to secure the AI/ML supply chain is on — get out front
Software supply chain risks from artificial intelligence and machine learning are getting real. Here are key insights from RL’s new report.
Read More about The race to secure the AI/ML supply chain is on — get out front
CVEs lose relevance: Get proactive — and think beyond vulnerabilities
More cracks in the NVD emerge, making the CVE system less useful. Shift your approach to keep up with software risk.
Read More about CVEs lose relevance: Get proactive — and think beyond vulnerabilities
Crypto malware attacks: 23 supply chain incidents set off alarms
Target on back-alert: Open source was increasingly exploited in attacks on cryptocurrency infrastructure and apps in 2024.
Read More about Crypto malware attacks: 23 supply chain incidents set off alarms
The year in ransomware: Security lessons to help you stay one step ahead
Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.
Read More about The year in ransomware: Security lessons to help you stay one step ahead
OSS in the crosshairs: Cryptomining hacks highlight key new threat
Hacks of rspack, vant highlight the growing trend of cryptomining compromises spreading via top open-source packages.
Read More about OSS in the crosshairs: Cryptomining hacks highlight key new threat