<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">
ReversingGlass Video: How Software Supply Chains Go Wrong...in less then 5 minutes.
Watch Now
Read the LATEST Software Supply Chain Security Risk Report
Read Now
Webinar Alert! The Future of Complex Code Destruction
Register Now

ReversingLabs Blog

VMConnect supply chain attack continues, evidence points to North Korea
August 31, 2023

VMConnect supply chain attack continues, evidence points to North Korea

ReversingLabs researchers discovered more packages that are part of the previously identified VMConnect campaign, and evidence linking the campaign to North Korean threat actors.
Read More
10 Hacker Summer Camp speakers to follow year-round
August 30, 2023

10 Hacker Summer Camp speakers to follow year-round

Why does expert cybersecurity knowledge sharing have to stop in Las Vegas? Follow these top speakers year-round.
Read More
The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs
August 24, 2023

The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs

Hackers are exploiting a zero-day to target crypto and stock traders, RL discovers over a dozen malicious npm packages targeting Roblox game developers.
Read More
Supply chain security: Is technical debt weighing your team down?
August 23, 2023

Supply chain security: Is technical debt weighing your team down?

Vulnerability management and piecemeal app sec testing are like paying the interest only on mounting security technical debt. Where do you stand?
Read More
Fake Roblox packages target npm with Luna Grabber info-stealing malware
August 22, 2023

Fake Roblox packages target npm with Luna Grabber info-stealing malware

ReversingLabs identified more than a dozen malicious packages targeting Roblox users on the npm public repository, recalling an attack from 2021.
Read More
Risk modeling initiative aims to expose the 'hiddenness of knowledge' in the supply chain
August 21, 2023

Risk modeling initiative aims to expose the 'hiddenness of knowledge' in the supply chain

GUAC-ALYTICs will model risk across open source software supply chain interdependencies using a new algorithmic engine. Here's what you need to know.
Read More
The Week in Security: Researchers hack 'unbreakable' card-shuffling hardware, Discord.io shut after breach
August 17, 2023

The Week in Security: Researchers hack 'unbreakable' card-shuffling hardware, Discord.io shut after breach

This week: Ocean's 1337, anyone? After a popular card shuffling machine was declared secure and unbreakable, security researchers from IOActive decided to take a closer look. What they found may (not) surprise you! Also: a vulnerability could be behind a breach that spilled info on more than 700,000 Discord users.
Read More
CISA's Secure by Design: Too much, too soon?
August 16, 2023

CISA's Secure by Design: Too much, too soon?

Four months after the release of Secure by Design/Secure by Default, CISA's software security initiative is little more than an aspirational exercise.
Read More
6 things you may have missed at Hacker Summer Camp
August 15, 2023

6 things you may have missed at Hacker Summer Camp

Black Hat, DEF CON, and BSides (Hacker Summer Camp) is known for being information-overload for cybersecurity leaders and practitioners. Here are the sessions that stand out.
Read More
AI coding helpers get FAILing grade
August 15, 2023

AI coding helpers get FAILing grade

Purdue researchers expose generative AI tools like Copilot's frequent errors when asked basic development questions. Only fools rush in.
Read More
OWASP researcher: Supply chain attacks show organizations must shift beyond vulnerabilities
August 14, 2023

OWASP researcher: Supply chain attacks show organizations must shift beyond vulnerabilities

Researcher Jeremy Long says organizations need to shift from traditional app sec testing to tools that can remediate malicious threats.
Read More
ReversingLabs’ path to success: Staying true to customers and the product was key
August 14, 2023

ReversingLabs’ path to success: Staying true to customers and the product was key

ReversingLabs' 15-year journey started with two researchers coming together with a single mission: to better secure software. Co-founder and CEO Mario Vuksan shares lessons learned.
Read More

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

Apple Devices as a Growing Attack Vector Apple Devices as a Growing Attack Vector
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: EPSS 3.0 + CVSS: Why Prioritizing Software Risk is Key ReversingGlass: EPSS 3.0 + CVSS: Why Prioritizing Software Risk is Key
Glassboard conversations with ReversingLabs Field CISO Matt Rose