Blog | ReversingLabs (28)

June 15, 2023

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

This week: Microsoft finds APT group attacking Ukraine is in cahoots with the Russian government. Also: A critical look at AI-generated software.

June 14, 2023

How to trust open source software: A conversation with OpenSSF's Naveen Srinivasan

In this ConversingLabs Cafe interview, Naveen Srinivasan, a maintainer of the OpenSSF Security Scorecard, talks about evaluating software dependency risk.

June 13, 2023

MOVEit software exploit walks before it runs

Cl0p quietly tested the flaw for two years before launching the full exploit. Lesson: Look both ways before crossing.

June 12, 2023

Self-attestation on software security: What development teams need to know

Software vendors who do business with the federal government now have to prove they are practicing basic supply chain security. Here are the requirements.

June 8, 2023

The Gigabyte firmware backdoor: Lessons learned about supply chain security

Firmware attacks can pose a substantial risk to the software supply chain. Here's what your software security team can learn from the latest compromise.

June 8, 2023

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

Researchers link ChatGPT hallucinations and software supply chain threat. Also, a watch group says better critical infrastructure security is needed.

June 7, 2023

What's the difference between app sec and supply chain security? It's all in the hack

Field CISO Matt Rose explains in this week's ReversingGlass episode the difference between application security hacks and software supply chain hacks.

June 6, 2023

PyPI hackers code sneaky new tactic. Researchers caught 'em red handed

Compiled-code behavior analysis beats old-skool app sec tools.

June 5, 2023

5 AI threats keeping SOC teams up at night

Here are five AI threats that your security operations team should be planning and budgeting for if you want to stay ahead of the emerging threat with AI.

June 1, 2023

When byte code bites: Who checks the contents of compiled Python files?

ReversingLabs researchers identified a PyPI attack using compiled Python code to evade detection — possibly the first PYC file direct-execution attack.

June 1, 2023

The state of app sec with Chris Romeo: The year of the application is near

ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.

June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

How to trust open source software: A conversation with OpenSSF's Naveen Srinivasan

MOVEit software exploit walks before it runs

Self-attestation on software security: What development teams need to know

The Gigabyte firmware backdoor: Lessons learned about supply chain security

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

What's the difference between app sec and supply chain security? It's all in the hack

PyPI hackers code sneaky new tactic. Researchers caught 'em red handed

5 AI threats keeping SOC teams up at night

When byte code bites: Who checks the contents of compiled Python files?

The state of app sec with Chris Romeo: The year of the application is near

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports