Blog | ReversingLabs (7)

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

December 10, 2024

SEC action raises the bar on software transparency

The firms have been fined for playing down the impact of the attack on SolarWinds. It’s part of a government push for greater transparency.

December 9, 2024

Compromised ultralytics PyPI package delivers crypto coinminer

A compromised build environment led to a malicious deployment of a popular AI library that had the potential of delivering other malware.

December 5, 2024

Malware found in Solana npm library raises the bar for crypto security

Two recent versions of the Solana web3.js open source library were infected with code to steal private keys, putting crypto platforms and wallets at risk.

December 5, 2024

Secure Your AWS Environments: Go Beyond Traditional Tooling in 2025

Whether it is managing a data lake, orchestrating CI/CD pipelines, or safeguarding data, your security needs are evolving — and so must your strategy.

December 3, 2024

The state of AppSec tooling: Step up to modern software security

Organizations are struggling with outdated tools. Here's what you need to know about modernizing your AppSec tooling for today's supply chain threats.

December 3, 2024

.Net Devs Can Now Vet NuGet Packages with the Spectra Assure Community

Minimize NuGet security risks with the largest, free community resource for vetting open-source software packages - Spectra Assure Community.

December 2, 2024

Software liability gets real: 5 ways to get ahead of the EU's new directive

Here's what your organization needs to know about the Product Liability Directive — and how to avoid any slip-ups.

December 2, 2024

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

November 28, 2024

Malicious PyPI crypto pay package aiocpa implants infostealer code

The incident demonstrates how machine learning-based threat hunting can help development teams spot threats other tools miss.

November 26, 2024

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

November 21, 2024

Differential analysis raises red flags over @lottiefiles/lottie-player

Three versions of the popular package were infected and used to spread malicious code that was stealing crypto wallet assets.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AI-based fuzzing targets open-source LLM vulnerabilities

SEC action raises the bar on software transparency

Compromised ultralytics PyPI package delivers crypto coinminer

Malware found in Solana npm library raises the bar for crypto security

Secure Your AWS Environments: Go Beyond Traditional Tooling in 2025

The state of AppSec tooling: Step up to modern software security

.Net Devs Can Now Vet NuGet Packages with the Spectra Assure Community

Software liability gets real: 5 ways to get ahead of the EU's new directive

Why shift left alone can't manage your software risk

Malicious PyPI crypto pay package aiocpa implants infostealer code

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

Differential analysis raises red flags over @lottiefiles/lottie-player

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports