RL Blog
squeegee wiping across sky

SEC action raises the bar on software transparency

Four firms have been fined for playing down how the SolarWinds attack impacted them. It’s part of a government push for greater supply chain transparency.

Read More about SEC action raises the bar on software transparency
SEC action raises the bar on software transparency
dart board with dart on bullseye

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers using OSS-Fuzz have identified 26 vulnerabilities, but experts warn that AI fuzzing is not a panacea for AI/ML security.

Read More about AI-based fuzzing targets open-source LLM vulnerabilities
AI-based fuzzing targets open-source LLM vulnerabilities
computer insides with lit up bitcoin

Compromised ultralytics PyPI package delivers crypto coinminer

A compromised build environment led to a malicious deployment of a popular AI library that had the potential of delivering other malware.

Read More about Compromised ultralytics PyPI package delivers crypto coinminer
Compromised ultralytics PyPI package delivers crypto coinminer
aws re invent on purple background

Secure Your AWS Environments: Go Beyond Traditional Tooling in 2025

Whether it is managing a data lake, orchestrating CI/CD pipelines, or safeguarding data, your security needs are evolving — and so must your strategy.

Read More about Secure Your AWS Environments: Go Beyond Traditional Tooling in 2025
Secure Your AWS Environments: Go Beyond Traditional Tooling in 2025
gold bitcoin sticking out of leather wallet

Malware found in Solana npm library raises the bar for crypto security

Two recent versions of the Solana web3.js open source library were infected with code to steal private keys, putting crypto platforms and wallets at risk.

Read More about Malware found in Solana npm library raises the bar for crypto security
Malware found in Solana npm library raises the bar for crypto security
net catching fish in tank

.Net Devs Can Now Vet NuGet Packages with the Spectra Assure Community

The RL community's search interface allows software development teams to quickly assess risk before choosing or updating open source NuGet packages.

Read More about .Net Devs Can Now Vet NuGet Packages with the Spectra Assure Community
.Net Devs Can Now Vet NuGet Packages with the Spectra Assure Community
construction worker climbing stairway into sky

The state of AppSec tooling: Step up to modern software security

Organizations are struggling with outdated tools. Here's what you need to know about modernizing your AppSec tooling for today's supply chain threats.

Read More about The state of AppSec tooling: Step up to modern software security
The state of AppSec tooling: Step up to modern software security
elephant crossing street sign

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

Read More about Why shift left alone can't manage your software risk
Why shift left alone can't manage your software risk
caution wet floor sign

Software liability gets real: 5 ways to get ahead of the EU's new directive

Here's what your organization needs to know about the Product Liability Directive — and how to avoid any slip-ups.

Read More about Software liability gets real: 5 ways to get ahead of the EU's new directive
Software liability gets real: 5 ways to get ahead of the EU's new directive
bitcoin in computer chip

Malicious PyPI crypto pay package aiocpa implants infostealer code

The incident demonstrates how machine learning-based threat hunting can help development teams spot threats other tools miss.

Read More about Malicious PyPI crypto pay package aiocpa implants infostealer code
Malicious PyPI crypto pay package aiocpa implants infostealer code
dart board with dart on bullseye

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

Read More about OWASP Top 10 for LLM adds risks: Get on target to secure your AI models
OWASP Top 10 for LLM adds risks: Get on target to secure your AI models
treasure chest of bitcoin

Differential analysis raises red flags over @lottiefiles/lottie-player

Three versions of the popular package were infected and used to spread malicious code that was stealing crypto wallet assets.

Read More about Differential analysis raises red flags over @lottiefiles/lottie-player
Differential analysis raises red flags over @lottiefiles/lottie-player
man pushing boulder up slope

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and other agencies recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

Read More about CISA's secure software deployment push: Key takeaways for AppSec teams
CISA's secure software deployment push: Key takeaways for AppSec teams
plastic textured curve

Gauging the Safety Level of Your Software with Spectra Assure

Quickly understand the current level of software safety, which threats require immediate action, and how the other risks and exposures can be addressed over time.

Read More about Gauging the Safety Level of Your Software with Spectra Assure
Gauging the Safety Level of Your Software with Spectra Assure
man holding concrete walls open

AppSec vs. product security: Secure by Design demands a strategy shift

Here's why and how to push your application security further into ProdSec — and what that means to achieving the goals of CISA's Secure by Design.

Read More about AppSec vs. product security: Secure by Design demands a strategy shift
AppSec vs. product security: Secure by Design demands a strategy shift
Previous1...171819...58Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top