Supply chain security: Is technical debt weighing your team down?
Doing just vulnerability management and piecemeal app sec testing are equivalent to paying only the interest on mounting security technical debt. Where does your organization stand?
Supply chain security: Is technical debt weighing your team down?
Fake Roblox packages target npm with Luna Grabber info-stealing malware
ReversingLabs researchers have identified more than a dozen malicious packages targeting Roblox API users on the npm repository. This latest campaign recalls a 2021 attack.
Risk modeling model exposes supply chain's 'hiddenness of knowledge'
GUAC-ALYTICs will use a new algorithmic engine to model risk across open-source software supply chain interdependencies. Here's what you need to know.
The Week in Security: Researchers hack 'unbreakable' card-shuffling hardware, Discord.io shut after breach
A Week of Breaches: The Intersection of Physical and Digital Security Failures
CISA's Secure by Design: Too much, too soon?
Four months after the release of Secure by Design/Secure by Default, CISA's software security initiative is little more than an aspirational exercise. Experts explain what it will take.
AI coding helpers get FAILing grade
Purdue researchers expose generative AI tools like Copilot's frequent errors when asked basic development questions.
6 things you may have missed at Hacker Summer Camp
The summertime trio of events in Las Vegas — Black Hat, DEF CON, and BSides — is information overload for cybersecurity leaders and practitioners. Here are the sessions that stood out.
ReversingLabs’ path to success: Staying true to customers and the product was key
ReversingLabs' 15-year journey started with two researchers coming together with a single mission: To secure all software. Co-founder and CEO Mario Vuksan shares lessons learned.
OWASP researcher: Supply chain attacks require going beyond vulnerabilities
Jeremy Long, who founded OWASP's Dependency Check Program, urges organizations to shift from traditional AppSec testing to tools that can remediate malicious threats.
The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed
Stealthy Connections: The Rising Threat of Cloudflare Tunnel Abuse in Cyber Attacks
Listen up, devs: AI trained to overhear passwords
Deep learning model knows what keys you press — “with 95% accuracy.” The password's days are numbered.
Do you trust your software? Why verification matters
To manage risk, you need to trust the software you produce or consume — and that requires verification, provided by modern tools and a holistic approach.
8 Black Hat sessions you don’t want to miss
Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.
ReversingLabs @ Hacker Summer Camp: See you there
Every summer, teams congregate in Las Vegas to talk about all things cybersecurity. ReversingLabs has a lot going on. Here’s what we're up to at BSides, Black Hat, and DEF CON.
The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.