OWASP researcher: Supply chain attacks require going beyond vulnerabilities
Jeremy Long, who founded OWASP's Dependency Check Program, urges organizations to shift from traditional AppSec testing to tools that can remediate malicious threats.
OWASP researcher: Supply chain attacks require going beyond vulnerabilities
The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed
Stealthy Connections: The Rising Threat of Cloudflare Tunnel Abuse in Cyber Attacks
Listen up, devs: AI trained to overhear passwords
Deep learning model knows what keys you press — “with 95% accuracy.” The password's days are numbered.
Do you trust your software? Why verification matters
To manage risk, you need to trust the software you produce or consume — and that requires verification, provided by modern tools and a holistic approach.
8 Black Hat sessions you don’t want to miss
Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.
ReversingLabs @ Hacker Summer Camp: See you there
Every summer, teams congregate in Las Vegas to talk about all things cybersecurity. ReversingLabs has a lot going on. Here’s what we're up to at BSides, Black Hat, and DEF CON.
The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
VMConnect: Malicious PyPI packages imitate popular open source modules
ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo.
FraudGPT / WormGPT: Scammy for now — but a worrying signpost for software security
Your app sec team should factor in more capable malicious AI tools, coming soon.
Rust progress: New threat modeling, tools bolster programming language
Here's why the Rust Foundation Security Initiative's audit and resulting new tooling matter for secure coding — and software supply chain security.
How to use the ReversingLabs file enrichment API offer for Microsoft Sentinel
Here's how to enrich your (SecOps) life with TitaniumCloud APIs focused specifically on file enrichment available in the Azure Marketplace for Microsoft Sentinel.
WormGPT: Business email compromise amplified by ChatGPT hack
Selling for $1,000 on the dark web, the email fraud tool leverages generative AI to improve cybercriminals' effectiveness.
More malicious npm packages found in wake of JumpCloud supply chain hack
ReversingLabs researchers uncovered evidence of more malicious npm packages beyond those already disclosed — and conclude that the attack is still active.
The Week in Security: North Korean APT targets developers, this Barbie is a cybercriminal
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Tools gap leaves you exposed to supply chain attacks
Traditional application security can't defend against today's attacks. Our report explains why — and why you need to upgrade your AppSec strategy.