RL Blog
brown glass bottle of poison

Indirect prompt injection attacks target common LLM data sources

Malicious instructions buried in LLM sources such as documents can poison ML models. Here's how it works — and how to protect your AI systems.

Read More about Indirect prompt injection attacks target common LLM data sources
Indirect prompt injection attacks target common LLM data sources
big sign that says manage your risk

SaaS risk is on the rise: 7 action items for better management

The rapid rise of SaaS apps has spawned new risks. One new hopeful stands out: The SaaSBOM. Here are key steps that help rein them in.

Read More about SaaS risk is on the rise: 7 action items for better management
SaaS risk is on the rise: 7 action items for better management
man in suit hands holding AI

MIT researchers tame AI code with new controls

The sequential Monte Carlo method guides LLMs to produce code that plays by basic programming rules. Here's what you need to know.

Read More about MIT researchers tame AI code with new controls
MIT researchers tame AI code with new controls
third-party risk

Mobile and third-party risk: How legacy testing leaves you exposed

Without modern application security tooling, including binary analysis, the third-party risk management puzzle is incomplete.

Read More about Mobile and third-party risk: How legacy testing leaves you exposed
Mobile and third-party risk: How legacy testing leaves you exposed
people working at laptops

Secrets leaks increase — and expand beyond the codebase

Leaks from GitHub and other repos are up, but collaboration tools such as Slack and Jira are now a major threat — and a serious blind spot.

Read More about Secrets leaks increase — and expand beyond the codebase
Secrets leaks increase — and expand beyond the codebase
matrix of icons coming out of a tablet

Rise of the xBOM: The new go-to tool for software security

CycloneDX 1.6's ML-BOM, SaaSBOM, and CBOM are non-negotiable visibility requirements in the software supply chain security era.

Read More about Rise of the xBOM: The new go-to tool for software security
Rise of the xBOM: The new go-to tool for software security
cube labelled ml-bom

Secure Your AI Supply Chain with the ML-BOM

The ML-BOM capability in RL's Spectra Assure SAFE Report provides immediate visibility into every ML model in your environment.

Read More about Secure Your AI Supply Chain with the ML-BOM
Secure Your AI Supply Chain with the ML-BOM
xBOM in block text

What is the xBOM?

Understand the difference between the SBOM and xBOM — and how it impacts software supply chain security.

Read More about What is the xBOM?
What is the xBOM?
microphone in front of blue curtain

Verizon 2025 DBIR: Third-party software risk takes the spotlight

The latest Data Breach Investigations Report puts the focus squarely on third-party risk. Here’s what you need to know.

Read More about Verizon 2025 DBIR: Third-party software risk takes the spotlight
Verizon 2025 DBIR: Third-party software risk takes the spotlight
cute hamster

Changes to CVE program are a call to action on your AppSec strategy

The CVE's challenges mean it's time to get off the vulnerability hamster wheel and modernize your risk program.

Read More about Changes to CVE program are a call to action on your AppSec strategy
Changes to CVE program are a call to action on your AppSec strategy
decapitated robot toy

NIST's adversarial ML guidance: 6 action items for your security team

ML attacks are evolving, putting mitigation a step behind. Here’s what to focus on — and why traditional AppSec tooling is not up to the job.

Read More about NIST's adversarial ML guidance: 6 action items for your security team
NIST's adversarial ML guidance: 6 action items for your security team
mug with text that says we're hiring

The cybersecurity job market is complicated: 3 key insights

While the state of cybersecurity careers is confusing, key trends are driving companies to think big-picture — and outside of traditional roles.

Read More about The cybersecurity job market is complicated: 3 key insights
The cybersecurity job market is complicated: 3 key insights
red road sign that says breakthrough

Quantum delivers really random numbers: How that boosts AppSec

Quantum random number generators can make software — including software development secrets — more secure. Here's how it works.

Read More about Quantum delivers really random numbers: How that boosts AppSec
Quantum delivers really random numbers: How that boosts AppSec
red microchip with bitcoin logo

Atomic and Exodus crypto wallets targeted in malicious npm campaign

RL researchers have identified yet another npm package that uses malicious patching of local software to hijack cryptocurrency transfers.

Read More about Atomic and Exodus crypto wallets targeted in malicious npm campaign
Atomic and Exodus crypto wallets targeted in malicious npm campaign
retro toy robot

Vibe coding: What automating development means for AppSec

Vibe coding — AI coding using prompt engineering — is making application security more challenging. Here's what you need to know.

Read More about Vibe coding: What automating development means for AppSec
Vibe coding: What automating development means for AppSec
Previous1...131415...58Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top