Blog | ReversingLabs (2)

Threat actor Banana Squad exploits GitHub repos in new campaign

June 18, 2025

Threat actor Banana Squad exploits GitHub repos in new campaign

ReversingLabs researchers discovered more than 60 GitHub repositories that contain hundreds of trojanized files.

TPSRM: What It Is — And Why It Matters

June 18, 2025

TPSRM: What It Is — And Why It Matters

Learn how Third-Party Software Risk Management (TPSRM) builds on TPRM and TPCRM to protect against supply chain attacks and software-based threats.

Why complex binary analysis is an essential tool for TPSRM

June 17, 2025

Why complex binary analysis is an essential tool for TPSRM

Software procurement is risky business. Learn why outdated tooling doesn’t cut it — and how modern technologies can provide much-needed transparency.

Accelerate PQC Migration: How to Leverage CBOMs for Cryptographic Asset Discovery

June 12, 2025

Accelerate PQC Migration: How to Leverage CBOMs for Cryptographic Asset Discovery

Here’s how to achieve crypto-agility and secure your software supply chain with ReversingLabs Spectra Assure’s Cryptography Bills of Materials (CBOM).

DoD issues new marching orders on secure software and SBOMs

June 11, 2025

DoD issues new marching orders on secure software and SBOMs

DoD’s Software Fast Track (SWFT) program steps up supply chain risk management via procurement. Here's what you need to know.

Chat Playground project lets security teams toy with gen AI

June 10, 2025

Chat Playground project lets security teams toy with gen AI

The new tool provides a low-cost approach to testing the security of generative AI chat experiences — though it lacks out-of-band AI controls.

Why Using SCA to Build Your SBOMs is a Risky Proposition

June 3, 2025

Why Using SCA to Build Your SBOMs is a Risky Proposition

Software bills of material generated by software composition analysis tools miss half of the components in final, compiled software packages, a new research report reveals.

CISO's open letter on third-party software risk is a call to action

May 29, 2025

CISO's open letter on third-party software risk is a call to action

JPMorganChase's Pat Opet has raised a red flag. Learn why — and how SaaSBOMs can help your organization get a handle on risk.

Gartner Market Guide for Supply Chain Security: Why You Need a Comprehensive Solution

May 28, 2025

Gartner Market Guide for Supply Chain Security: Why You Need a Comprehensive Solution

Software supply chain security issues are on the rise — and a fragmented tools market may leave companies open to compromise.

Detection as code: How to enhance your real-time threat detection

May 27, 2025

Detection as code: How to enhance your real-time threat detection

DaC can bolster the speed, accuracy, and scalability of your threat detection. Here are five essential steps to getting started.

Malicious attack method on hosted ML models now targets PyPI

May 23, 2025

Malicious attack method on hosted ML models now targets PyPI

RL researchers detected a new malicious campaign that exploits the Pickle file format on the Python Package Index.

How Spectra Assure's SaaSBOM Delivers Software Transparency

May 22, 2025

How Spectra Assure's SaaSBOM Delivers Software Transparency

RL delivers insights into the APIs and services used by a software package, further enhancing transparency beyond a typical SBOM.

‹ previous next ›