RL Blog
laptop screen with green shield checkmark being labelled as malicious

How SOC analysts and threat hunters can expose malware undetected by EDR

Enhancing Endpoint Visibility: Leveraging Advanced File Intelligence to Uncover Evasive Threats

Read More about How SOC analysts and threat hunters can expose malware undetected by EDR
How SOC analysts and threat hunters can expose malware undetected by EDR
timeline of federal guidance on software supply chain security white house electric tower

A definitive guide: Federal software supply chain security initiatives

The government added important new guidance in 2023. Get up to speed — and see our interactive timeline of recent attacks to stay ahead of them in 2024.

Read More about A definitive guide: Federal software supply chain security initiatives
A definitive guide: Federal software supply chain security initiatives
wooden blocks with letters spelling risk

Key reasons third-party cyber risk management programs fail

Here's why organizations are struggling with TPCRM — and how to develop an effective program.

Read More about Key reasons third-party cyber risk management programs fail
Key reasons third-party cyber risk management programs fail
get our key takeaways title card gartner report

Gartner® report addresses SSCS risks

The analyst firm Gartner® released a new report on software supply chain risk that recommends identification of malware or malicious code.

Read More about Gartner® report addresses SSCS risks
Gartner® report addresses SSCS risks
big pipeline with red shutoff valve

The JetBrains TeamCity software supply chain attack: Lessons learned

The TeamCity incident is similar to SunBurst, which was behind the attack on SolarWinds. But there are differences. Here are tips to help secure your software pipeline.

Read More about The JetBrains TeamCity software supply chain attack: Lessons learned
The JetBrains TeamCity software supply chain attack: Lessons learned
malware written in red in between binary code

ESF steps up supply chain security guidance with call for binary analysis

To advance the state of software supply chain security and better mitigate risk, the Enduring Security Framework group has highlighted the need for binary analysis and reproducible builds.

Read More about ESF steps up supply chain security guidance with call for binary analysis
ESF steps up supply chain security guidance with call for binary analysis
detecting bibi wiper

From the Labs: YARA Rule for Detecting BiBi Wiper

Cross-Platform Threats: Leveraging YARA to Identify BiBi Wiper on Linux and Windows Systems

Read More about From the Labs: YARA Rule for Detecting BiBi Wiper
From the Labs: YARA Rule for Detecting BiBi Wiper
abstract cityscape

Malware leveraging public infrastructure like GitHub on the rise

ReversingLabs researchers have uncovered two novel techniques running on GitHub — one abusing GitHub Gists, another issuing commands through git commit messages.

Read More about Malware leveraging public infrastructure like GitHub on the rise
Malware leveraging public infrastructure like GitHub on the rise
green robot turned facing different way amidst a bunch of pink robots

The Hugging Face API token breach: 5 lessons learned

More than 1,500 tokens were exposed, leaving millions of AI models and datasets vulnerable. Here's what your security team can learn from the compromise.

Read More about The Hugging Face API token breach: 5 lessons learned
The Hugging Face API token breach: 5 lessons learned
scrabble letters spelling AI

Secure AI development guidance: What software teams need to know

U.K. and U.S. cyber-watchdogs say to start with Secure by Design — but don't stop there. Here are key takeaways from their new guidelines.

Read More about Secure AI development guidance: What software teams need to know
Secure AI development guidance: What software teams need to know
bullet whizzing through air

MFA and software supply chain security: It's no magic bullet

SolarWinds, Codecov, and Kaseya showed how adversaries with access to a development environment can wreak havoc. Multifactor authentication is key, but it's not an "end-all solution."

Read More about MFA and software supply chain security: It's no magic bullet
MFA and software supply chain security: It's no magic bullet
distressed woman at computer

Developers behaving badly: Why holistic AppSec is key

Mature organizations recognize that their AppSec approach has to keep pace with modern development teams. Here's why.

Read More about Developers behaving badly: Why holistic AppSec is key
Developers behaving badly: Why holistic AppSec is key
man in boxing gloves squaring up

6 ways AI helps SecOps punch back

While AI is mostly seen as opening a new front in the threat landscape, it will also be tapped to fight back with advanced threat hunting and more.

Read More about 6 ways AI helps SecOps punch back
6 ways AI helps SecOps punch back
map and compass stock photo

10 tips for building an enterprise threat modeling program

The Threat Modeling Manifesto explains the how. Now teams must map out an actionable threat modeling program. Here are 10 key tips to get started.

Read More about 10 tips for building an enterprise threat modeling program
10 tips for building an enterprise threat modeling program
The AI executive order: What AppSec teams need to know

The AI executive order: What AppSec teams need to know

While the new White House EO is largely focused on foundational AI, security teams reviewing AI initiatives are still in the hot seat.

Read More about The AI executive order: What AppSec teams need to know
The AI executive order: What AppSec teams need to know
Previous1...272829...58Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top