Malicious ML models discovered on Hugging Face platform
Software development teams working on machine learning take note: RL threat researchers have identified nullifAI, a novel attack technique used on Hugging Face.
Malicious ML models discovered on Hugging Face platform
Sandboxes Alone Won’t Stop the Malware Onslaught. Here’s What Will.
Learn how RL's Advanced Malware Analysis can help your organization move beyond the sandbox to better guard against malicious files.
Get real about container security: 4 essential practices to manage risk
Here are key practices you must implement to protect container workloads — and new controls needed for all software — in the age of supply chain security.
Secure by Design and Secure by Default: You need both to boost AppSec
When it comes to these two security approaches advanced by CISA for locking down your application security, it's not an either/or proposition. Here's why.
OWASP tackles AI security with new NHI Top 10: What you need to know
Identity management is key for security, but AI is bringing a lot more non-humans into the mix. The OWASP list calls attention to this. Here are the top takeaways.
AppSec & Supply Chain Security | January 28, 2025 AI is a double-edged sword: Why you need new controls to manage risk
AI can improve cybersecurity outcomes, but it also represents an entirely new threat. Upgrade your security strategy — and tooling — for the AI age.
BSIMM15 shines light on compliance and AI security
The report emphasizes traditional AppSec practices — but those are no match for new threats from AI/ML. Here's what you need to know.
Multi-Scanning Antivirus: Boost Your Threat Hunting With Multiple Layers
Here are the key reasons you should consider multi-scanning — and how ReversingLabs’s solution delivers best-of-class performance.
Securing generative AI: 5 action items to protect your organization
AI's integration across enterprise platforms is "rapidly expanding the global attack surface." Here are five action items for your team.
Going beyond 'shift left': Why shared responsibility is key to risk management
AppSec experts and software risk managers say doing security checks earlier isn't enough. Here's why — and what else organizations should do.
Census III study spotlights ongoing open-source software security challenges
The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.
Compliance as cybersecurity: A reality check on checkbox risk management
Here's what's driving the compliance-as-security trend — and why it's essential to go beyond checkbox cybersecurity amid a rapidly changing threat landscape.
SEC cybersecurity disclosures and lessons to be learned: A timeline
Here’s what the 2024 8-K security-incident filings are all about, lessons to be learned — and the bigger picture for cybersecurity.
A new playground: Malicious campaigns proliferate from VSCode to npm
To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.
The year in ransomware: Security lessons to help you stay one step ahead
Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.