Blog | ReversingLabs (5)

January 15, 2025

Going beyond 'shift left': Why shared responsibility is key to risk management

AppSec experts and software risk managers say organizations must move beyond shift left. Here's why — and how to make that happen.

January 8, 2025

Census III study spotlights ongoing open-source software security challenges

The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.

January 7, 2025

Compliance as cybersecurity: A reality check on checkbox risk management

Here's what's driving compliance as security — and why it's essential to go beyond checkbox cybersecurity amid a rapidly changing threat landscape.

December 24, 2024

SEC cybersecurity disclosures and lessons to be learned: A timeline

Here’s what the 2024 8-K security-incident filings are all about, lessons to be learned — and the bigger picture for cybersecurity.

December 20, 2024

OSS in the crosshairs: Cryptomining hacks highlight key new threat

Hacks of rspack, vant highlight the growing trend of cryptomining compromises spreading via top open-source packages.

December 20, 2024

The year in ransomware: Security lessons to help you stay one step ahead

Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.

December 20, 2024

A new playground: Malicious campaigns proliferate from VSCode to npm

To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.

December 11, 2024

U.K. cybersecurity chief warns of gap between risks and defenses

The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

December 10, 2024

SEC action raises the bar on software transparency

The firms have been fined for playing down the impact of the attack on SolarWinds. It’s part of a government push for greater transparency.

December 9, 2024

Compromised ultralytics PyPI package delivers crypto coinminer

A compromised build environment led to a malicious deployment of a popular AI library that had the potential of delivering other malware.

December 5, 2024

Malware found in Solana npm library raises the bar for crypto security

Two recent versions of the Solana web3.js open source library were infected with code to steal private keys, putting crypto platforms and wallets at risk.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

Going beyond 'shift left': Why shared responsibility is key to risk management

Census III study spotlights ongoing open-source software security challenges

Compliance as cybersecurity: A reality check on checkbox risk management

SEC cybersecurity disclosures and lessons to be learned: A timeline

OSS in the crosshairs: Cryptomining hacks highlight key new threat

The year in ransomware: Security lessons to help you stay one step ahead

A new playground: Malicious campaigns proliferate from VSCode to npm

U.K. cybersecurity chief warns of gap between risks and defenses

AI-based fuzzing targets open-source LLM vulnerabilities

SEC action raises the bar on software transparency

Compromised ultralytics PyPI package delivers crypto coinminer

Malware found in Solana npm library raises the bar for crypto security

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports