Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security
Read More about The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential
The ReversingLabs research team has identified a novel attack on PyPI using compiled Python code to evade detection — possibly the first attack to take advantage of PYC file direct execution.
Read More about When byte code bites: Who checks the contents of compiled Python files?
Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?
Read More about ‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?
Nvidia's tool is among the first to promise to manage the risk from generative AI. Here's what it can do — and an analysis of the scope of risk from AI.
Read More about Can AI-based software supply chain risk be tamed by NeMo Guardrails?
The new Chief Operating Officer at ReversingLabs talks about the challenge of securing software supply chains — and the promise ReversingLabs offers.
Read More about Q&A with ReversingLabs COO Peter Doggart: With software supply chain security, 'your brand is at stake'
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: Application security, cybersecurity, and beyond.
Read More about The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI
In a recent survey, 300 IT and software pros were asked about the state of software supply chain security. Here are takeaways from a webinar discussion.
Read More about Practitioners reveal growing concerns about software security
John Jackson and his Sakura Samurai crew took India up on an invitation to test the security of government websites and apps. Here are the lessons learned.
Read More about Red teaming a country: Lessons learned from hacking India's government
The Python repo was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit pause.
Read More about PyPI paused as automated attack overwhelms admins
The cost of attacks on software supply chains could exceed $80.6B by 2026, a 76% increase over the $45.8B expected in 2023, a market research firm finds.
Read More about Too costly to fail — and about to get costlier: Why software security matters
ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an open source infostealer that lurked on npm for two months before being detected.
Read More about RATs found hiding in the npm attic
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M
Learn how ReversingLabs threat intelligence indicator feeds can enhance Microsoft Sentinel. Plus, get a free trial of Early Detection of Ransomware for Sentinel.
Read More about How to Use Threat Intelligence Indicator Feeds with Microsoft Sentinel
Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
Read More about Lessons from MSI's UEFI key breach: How safe are the secrets in your software?
The path to success for SBOMs faces many hurdles. Here are key factors that threaten your investments.
Read More about 7 obstacles to success with software bills of materials