Blog | ReversingLabs (27)

July 18, 2023

JumpCloud 'nation state’ phishing attack spotlights third-party risk management

The big-fish IAMaaS cloud identity service provider opens its kimono. What can you learn from the exposure?

July 17, 2023

Federal security guidance: Been there, done that

CISA and NSA issued security guidance on continuous integration/continuous delivery environments — but missed an opportunity to escalate the conversation.

July 13, 2023

The Week in Security: Chinese hackers breach government email, AI models easily poisoned

This week: A Chinese-based hacking group has used stolen authentication tokens to breach government email accounts. Also: AI LLMs can easily be poisoned.

July 12, 2023

CycloneDX 1.5: The next big step for SBOMs and software transparency

With CycloneDX 1.5, OWASP is introducing a number of new types of SBOMs. Here's a full run-down on changes — and what they mean for software transparency.

July 11, 2023

EU-US data transfers back in hotseat: Security of user data adds to privacy concerns

Privacy of user data is one thing, but security of that data is equally important.

July 11, 2023

Introducing new capabilities to continuously improve software supply chain security

Meet ReversingLabs Software Supply Chain Security's new feature: Levels. It delivers automated roadmaps to remediate malware, tampering, and other risks.

July 10, 2023

TPRM survey: Prioritize end-to-end supply chain security — or fail

Here's what you need to know about third-party risk management — and why to prioritize comprehensive supply chain security.

July 9, 2023

New Features for ReversingLabs TitaniumScale, Version 3.4

We are pleased to announce the launch of TitaniumScale Version 3.4, representing another significant milestone in our ongoing commitment to delivering high-quality solutions.

July 7, 2023

From the Labs: YARA Rule for Detecting StealC

In this edition of From the Labs, we contextualize StealC, a popular malware infostealer that has become a favored tool for cybercriminals.

July 6, 2023

Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks

“Write once, infect everywhere” might be the new cybercrime motto, with newly discovered campaigns showing malicious npm packages powering phishing kits and supply chain attacks.

July 6, 2023

The Week in Security: Third-party breach exposes customer to LockBit, countries team to block DDoS

Yet another third-party vendor breach leaves customer vulnerable to ransomware. Also: The UAE teamed up with Israel to defend against a major DDoS attack.

July 5, 2023

Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites

C’mon, dev teams — it's about time to get serious about memory safety, XSS and SQLi.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

JumpCloud 'nation state’ phishing attack spotlights third-party risk management

Federal security guidance: Been there, done that

The Week in Security: Chinese hackers breach government email, AI models easily poisoned

CycloneDX 1.5: The next big step for SBOMs and software transparency

EU-US data transfers back in hotseat: Security of user data adds to privacy concerns

Introducing new capabilities to continuously improve software supply chain security

TPRM survey: Prioritize end-to-end supply chain security — or fail

New Features for ReversingLabs TitaniumScale, Version 3.4

From the Labs: YARA Rule for Detecting StealC

Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks

The Week in Security: Third-party breach exposes customer to LockBit, countries team to block DDoS

Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports