ReversingLabs Blog

Richi Jennings
Independent industry analyst, editor, and content strategist. Richi Jennings is a former developer and marketer. He’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, DevOps.com, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

Recent Posts from Richi Jennings

January 24, 2023

Move over, npm: Now VS Code extensions can’t be trusted

It’s super easy to spoof Visual Studio Code extensions. And it’s incredibly hard to detect. In this week’s Secure Software Blogwatch, we run and hide.

January 18, 2023

GitHub Copilot’s ML ‘Code Brushes’: Ready for a Bob Ross ‘happy little accident’?

Machine learning can be a cognitive crutch, causing code vulnerabilities. Use with extreme caution!

January 11, 2023

If you don't love me now: JsonWebToken could break the software supply chain (again)

The JsonWebToken library has a serious flaw, which could lead to remote code execution. While exploitability is questionable, it could be a big problem.

January 4, 2023

PyTorch supply chain attack: Dependency confusion burns DevOps

The PyTorch open source software supply chain was compromised by a hacker publishing a malicious torchtriton clone on PyPI. Here's the craic.

December 20, 2022

DraftKings fantasy? How YOU can prevent credential stuffing attacks

There’s been a huge uptick in credential stuffing attacks, including at DraftKings. But dev teams can easily prevent it.

December 14, 2022

Ahoy! More insecure code washes ashore with AlphaCode

Here comes AlphaCode: Another AI code-generating parlor trick spitting out vulnerabilities. Is your software security team ready for the onslaught?

December 7, 2022

ChatGPT: Parlor trick or Stack Overflow replacement?

The initial flush of enthusiasm for ChatGPT has waned. And quite a few of the bugs in the buggy code it spits out are exploitable security vulnerabilities.

November 30, 2022

Meta’s GDPR fine: Why your DevOps needs red teaming

Meta’s been fined $276 million for scraping data. What can you do to prevent this in your dev shop?