GUAC-ALYTICs will use a new algorithmic engine to model risk across open-source software supply chain interdependencies. Here's what you need to know.
Read More about Risk modeling model exposes supply chain's 'hiddenness of knowledge'
A Week of Breaches: The Intersection of Physical and Digital Security Failures
Read More about The Week in Security: Researchers hack 'unbreakable' card-shuffling hardware, Discord.io shut after breach
Four months after the release of Secure by Design/Secure by Default, CISA's software security initiative is little more than an aspirational exercise. Experts explain what it will take.
Read More about CISA's Secure by Design: Too much, too soon?
Purdue researchers expose generative AI tools like Copilot's frequent errors when asked basic development questions.
Read More about AI coding helpers get FAILing grade
The summertime trio of events in Las Vegas — Black Hat, DEF CON, and BSides — is information overload for cybersecurity leaders and practitioners. Here are the sessions that stood out.
Read More about 6 things you may have missed at Hacker Summer Camp
ReversingLabs' 15-year journey started with two researchers coming together with a single mission: To secure all software. Co-founder and CEO Mario Vuksan shares lessons learned.
Read More about ReversingLabs’ path to success: Staying true to customers and the product was key
Jeremy Long, who founded OWASP's Dependency Check Program, urges organizations to shift from traditional AppSec testing to tools that can remediate malicious threats.
Read More about OWASP researcher: Supply chain attacks require going beyond vulnerabilities
Stealthy Connections: The Rising Threat of Cloudflare Tunnel Abuse in Cyber Attacks
Read More about The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed
Deep learning model knows what keys you press — “with 95% accuracy.” The password's days are numbered.
Read More about Listen up, devs: AI trained to overhear passwords
To manage risk, you need to trust the software you produce or consume — and that requires verification, provided by modern tools and a holistic approach.
Read More about Do you trust your software? Why verification matters
Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.
Read More about 8 Black Hat sessions you don’t want to miss
Every summer, teams congregate in Las Vegas to talk about all things cybersecurity. ReversingLabs has a lot going on. Here’s what we're up to at BSides, Black Hat, and DEF CON.
Read More about ReversingLabs @ Hacker Summer Camp: See you there
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy
ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo.
Read More about VMConnect: Malicious PyPI packages imitate popular open source modules
Your app sec team should factor in more capable malicious AI tools, coming soon.
Read More about FraudGPT / WormGPT: Scammy for now — but a worrying signpost for software security