Blog | ReversingLabs | Paul Roberts (4)

March 21, 2023

How to mitigate secrets risk — and prevent future breaches

Leaks and exposures of sensitive information in open source and proprietary code repositories are approaching epidemic proportions.

March 14, 2023

How hackers access secrets

Here’s how attackers are finding software development secrets buried in code repositories — and exploiting them.

February 23, 2023

Why devs and repos spill secrets

The Circle CI breach and other hacks expose why the secrets problem is so prolific. Here's what you need to know about the state of secrets security.

February 8, 2023

Leaky app gives researcher 'total, global control' over the Toyota supplier network

A researcher discovered a JsonWebToken flaw in a Toyota app that gave access to corporate user accounts, as well as suppliers — and even Toyota parts.

January 26, 2023

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.

January 11, 2023

After hack, CircleCI tells devs to update secrets now

In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers.

January 11, 2023

Danger: Researchers exploit gaps in connected vehicle software supply chain

Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns.

December 7, 2022

New supply chain mandates: Uncle Sam wants you (to secure your software)!

Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.

October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.

October 20, 2022

SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

The medical device sector is under pressure to improve software supply chain security, and software bills of materials (SBOMs) are front and center. ReversingLabs talks with Dr. Kevin Fu of the Archimedes Center at University of Michigan about what to expect.

September 26, 2022

Gaps in the NVD increase U.S. cyber threat

Discrepancies in national vulnerability database reports show the U.S. lags behind China, possibly exposing U.S. firms to cyber attacks, Sophos finds.

September 23, 2022

The pandemic turned out to be a boon for public-private cybersecurity cooperation

The shift to remote work punched holes in government networks. But it also fostered a transformation in public-private cooperation, one NSA official noted at LabsCon.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

How to mitigate secrets risk — and prevent future breaches

How hackers access secrets

Why devs and repos spill secrets

Leaky app gives researcher 'total, global control' over the Toyota supplier network

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

After hack, CircleCI tells devs to update secrets now

Danger: Researchers exploit gaps in connected vehicle software supply chain

New supply chain mandates: Uncle Sam wants you (to secure your software)!

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

Gaps in the NVD increase U.S. cyber threat

The pandemic turned out to be a boon for public-private cybersecurity cooperation

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports