Blog | ReversingLabs (7)

January 28, 2025

AI is a double-edged sword: Why you need new controls to manage risk

AI can improve cybersecurity outcomes, but it also represents an entirely new threat. Upgrade your security strategy — and tooling — for the AI age.

January 23, 2025

BSIMM15 shines light on compliance and AI security — but updating tooling is key

The BSIMM highlights traditional AppSec practices — but they are no match for modern supply chain attacks and AI/ML. Here's what you need to know.

January 16, 2025

Securing generative AI: 5 action items to protect your organization

AI's integration across enterprise platforms is "rapidly expanding the global attack surface." Here are five action items for your team.

January 15, 2025

Going beyond 'shift left': Why shared responsibility is key to risk management

AppSec experts and software risk managers say organizations must move beyond shift left. Here's why — and how to make that happen.

January 8, 2025

Census III study spotlights ongoing open-source software security challenges

The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.

January 7, 2025

Compliance as cybersecurity: A reality check on checkbox risk management

Here's what's driving compliance as security — and why it's essential to go beyond checkbox cybersecurity amid a rapidly changing threat landscape.

December 24, 2024

SEC cybersecurity disclosures and lessons to be learned: A timeline

Here’s what the 2024 8-K security-incident filings are all about, lessons to be learned — and the bigger picture for cybersecurity.

December 20, 2024

OSS in the crosshairs: Cryptomining hacks highlight key new threat

Hacks of rspack, vant highlight the growing trend of cryptomining compromises spreading via top open-source packages.

December 20, 2024

The year in ransomware: Security lessons to help you stay one step ahead

Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.

December 20, 2024

A new playground: Malicious campaigns proliferate from VSCode to npm

To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.

December 11, 2024

U.K. cybersecurity chief warns of gap between risks and defenses

The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AI is a double-edged sword: Why you need new controls to manage risk

BSIMM15 shines light on compliance and AI security — but updating tooling is key

Securing generative AI: 5 action items to protect your organization

Going beyond 'shift left': Why shared responsibility is key to risk management

Census III study spotlights ongoing open-source software security challenges

Compliance as cybersecurity: A reality check on checkbox risk management

SEC cybersecurity disclosures and lessons to be learned: A timeline

OSS in the crosshairs: Cryptomining hacks highlight key new threat

The year in ransomware: Security lessons to help you stay one step ahead

A new playground: Malicious campaigns proliferate from VSCode to npm

U.K. cybersecurity chief warns of gap between risks and defenses

AI-based fuzzing targets open-source LLM vulnerabilities

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports