RL Blog
OpenSSF's open source security mobilization initiative: Inside the 10-point action plan

OpenSSF's open source security mobilization initiative: Inside the 10-point action plan

Here is a run-down of the 10 streams from OpenSSF's Open Source Software Security Mobilization Plan.

Read More about OpenSSF's open source security mobilization initiative: Inside the 10-point action plan
OpenSSF's open source security mobilization initiative: Inside the 10-point action plan
New Features for TitaniumScale, version 3.0

New Features for TitaniumScale, version 3.0

Updates include: Improved static analysis, improved integrations and automation, smoother workflows for a better user experience, and ease of administration.

Read More about New Features for TitaniumScale, version 3.0
New Features for TitaniumScale, version 3.0
Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools.

Read More about Threat analysis: Follina exploit fuels 'live-off-the-land' attacks
Threat analysis: Follina exploit fuels 'live-off-the-land' attacks
New Features for the A1000, version 6.4

New Features for the A1000, version 6.4

Better threat hunting and investigations with flexibility in threat status classifications, reliable dynamic and network analysis, and smoother workflows and maintenance.

Read More about New Features for the A1000, version 6.4
New Features for the A1000, version 6.4
The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps

The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps

Cozy Bear APT group is using Dropbox and Google drive to cover up attacks, malware is spreading via Google Play Store apps, and more.

Read More about The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps
The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps
Three decades later, ransomware's first act still resonates

Three decades later, ransomware's first act still resonates

More than 30 years after the AIDS computer virus spread via infected floppy disks, ransomware has taken the world by storm. But echoes of that first attack can still be heard today.

Read More about Three decades later, ransomware's first act still resonates
Three decades later, ransomware's first act still resonates
Stylized image showing chess pieces on a board with a glowing knight and a bright red background displaying ‘LOG4J’ and a warning symbol. Source code lines appear in the background, symbolizing the ongoing cybersecurity risk posed by the Log4j vulnerability.

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

Read More about CISA: Log4j threat will linger for years—so be prepared
CISA: Log4j threat will linger for years—so be prepared
The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

A new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.

Read More about The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs
The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs
The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros

The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros

Fallout from another supply chain attack involving malicious npm modules. Also: Microsoft backtracks on a pledge to disable Office macros.

Read More about The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros
The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros
text iconburst in middle of circle of flames

Update: IconBurst npm software supply chain attack grabs data from apps and websites

ReversingLabs researchers have uncovered a widespread campaign to install malicious npm modules that are harvesting sensitive data from forms embedded in mobile apps and websites.

Read More about Update: IconBurst npm software supply chain attack grabs data from apps and websites
Update: IconBurst npm software supply chain attack grabs data from apps and websites
The Week in Cybersecurity: NATO creates cyber rapid response

The Week in Cybersecurity: NATO creates cyber rapid response

International relations intersects with cybersecurity, learn how to leverage YARA rules, plus new developments on AstraLocker 2.0.

Read More about The Week in Cybersecurity: NATO creates cyber rapid response
The Week in Cybersecurity: NATO creates cyber rapid response
SBOM Facts: Know what's in your software to fend off supply chain attacks

SBOM Facts: Know what's in your software to fend off supply chain attacks

SBOM Facts: Know what's in your software to fend off supply chain attacks

Read More about SBOM Facts: Know what's in your software to fend off supply chain attacks
SBOM Facts: Know what's in your software to fend off supply chain attacks
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.

Read More about Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
The Week in Cybersecurity: Austrian hackers-for-hire KNOTWEED serve up Subzero malware

The Week in Cybersecurity: Austrian hackers-for-hire KNOTWEED serve up Subzero malware

Austrian group KNOTWEED spreads malware via Microsoft products, new malware-infested apps pop up in the Google Play store, and mo

Read More about The Week in Cybersecurity: Austrian hackers-for-hire KNOTWEED serve up Subzero malware
The Week in Cybersecurity: Austrian hackers-for-hire KNOTWEED serve up Subzero malware
Paul Robers for Conversing Labs podcast

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

The RSA Conference brings some of the brightest minds in information security together in one place.

Read More about ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk
ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk
Previous1...484950...58Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top