Petar Kirhmajer

Threat Researcher, ReversingLabs.

Posts from Petar Kirhmajer

July 8, 2025

Malicious pull request infects VS Code extension

ETHcode, a VS Code extension for Ethereum smart contract development, was compromised following a GitHub pull request.

Read More about Malicious pull request infects VS Code extension

Malicious pull request infects VS Code extension

March 26, 2024

Suspicious NuGet package grabs data from industrial systems

Here's what the RL research team knows about the suspicious SqzrFramework480 campaign, which is still available on the NuGet repository.

Read More about Suspicious NuGet package grabs data from industrial systems

Suspicious NuGet package grabs data from industrial systems

February 20, 2024

Attackers leverage PyPI to sideload malicious DLLs

RL discovered two malicious packages and a subsequent larger campaign, showing that the approach is an emerging software supply chain attack method.

Read More about Attackers leverage PyPI to sideload malicious DLLs

Attackers leverage PyPI to sideload malicious DLLs