RL Blog
IDE insider threat

How AI agents can weaponize IDEs

Research shows that AI coding can tap integrated development environments to become privileged insider threats. 

Read More about How AI agents can weaponize IDEs
How AI agents can weaponize IDEs
Malicious npm packages use fake install logs to load RAT

Fake install logs in npm packages load RAT

The final-stage malware in the Ghost campaign is a RAT designed to steal crypto wallets and sensitive data.

Read More about Fake install logs in npm packages load RAT
Fake install logs in npm packages load RAT
Post-quantum security

Crypto group ushers in post-quantum security

Here’s a look at the Ethereum Foundation’s new PQC security effort — and why you need to modernize your SecOps.

Read More about Crypto group ushers in post-quantum security
Crypto group ushers in post-quantum security
AI agents black hole of risks

OpenClaw lesson: AI agents are a black hole

AI agents create novel attack surfaces and control issues that require rethinking assumptions — and AppSec tooling.

Read More about OpenClaw lesson: AI agents are a black hole
OpenClaw lesson: AI agents are a black hole
Polyglot File Examination with Spectra Analyze

How to Examine Polyglot Files with Spectra Analyze

Here's how to assess a sample using Spectra Analyze in your environment — and create a YARA rule.

Read More about How to Examine Polyglot Files with Spectra Analyze
How to Examine Polyglot Files with Spectra Analyze
SBOM: check

Make Your SBOMs Actionable with PURLs

Learn how Package URLs improve vulnerability matching, which reduces alert fatigue and simplifies compliance.

Read More about Make Your SBOMs Actionable with PURLs
Make Your SBOMs Actionable with PURLs
Container security

OWASP adopts DockSec: Why it matters

OWASP has adopted the container security tool to slow information overload. Here’s what you need to know.

Read More about OWASP adopts DockSec: Why it matters
OWASP adopts DockSec: Why it matters
OpenClaw agentic AI risk

OpenClaw and AI risk: 3 AppSec lessons

The OpenClaw saga is a case study on the threat from agentic AI, showing how it increases software risk.

Read More about OpenClaw and AI risk: 3 AppSec lessons
OpenClaw and AI risk: 3 AppSec lessons
Trip Hazard

Claude Code Security: The pros and cons

The new tool is a step forward on AI coding risk — but it trips on modern threats because it looks only at source code.

Read More about Claude Code Security: The pros and cons
Claude Code Security: The pros and cons
Fight fire with fire

AI-native AppSec: What it is — and why it matters

AI coding is a game-changer — and requires AI-powered application security to fight fire with fire.

Read More about AI-native AppSec: What it is — and why it matters
AI-native AppSec: What it is — and why it matters
AI coding and AppSec

BSIMM16 confirms: AI redefines AppSec

AI coding is the new reality — and it will further destabilize software supply chain security. So step up your AppSec.

Read More about BSIMM16 confirms: AI redefines AppSec
BSIMM16 confirms: AI redefines AppSec
Inside the NuGet hack toolset

Inside the NuGet hackers' toolset

RL discovered two packages containing scripts that complete a typosquatting toolchain. Here's how it worked.

Read More about Inside the NuGet hackers' toolset
Inside the NuGet hackers' toolset
Malicious NuGet package targets Stripe

Malicious NuGet package targets Stripe

Threat actors targeted developers with a bogus package — a shift away from the recent crypto development hack focus.

Read More about Malicious NuGet package targets Stripe
Malicious NuGet package targets Stripe
AI upends SSCS

How AI agents upend supply chain security

Here’s what you need to know about their impact on software security — and what you can do to fight back. 

Read More about How AI agents upend supply chain security
How AI agents upend supply chain security
Cybercrime-as-a-service

Cybercrime-as-a-service forces a security rethink

With AI-powered tools readily available, sophisticated attacks no longer require sophisticated attackers.

Read More about Cybercrime-as-a-service forces a security rethink
Cybercrime-as-a-service forces a security rethink
Previous1...345...57Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ReversingLabs: The More Powerful, Cost-Effective Alternative to VirusTotalSee Why
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
Events
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top