Cybercrime-as-a-service forces a security rethink
With AI-powered tools readily available, sophisticated attacks no longer require sophisticated attackers.
Featured
Cybercrime-as-a-service forces a security rethink
How to Use YARA Retrohunting for Defense
Learn how to use RL’s analysis of "pkr_mtsi" to advance your detection engineering in Spectra Analyze.
Commercial software risk: New controls required
Legacy strategies and tooling can’t manage today’s software threats. Here’s why binary analysis is necessary.
Latest
Cybercrime-as-a-service forces a security rethink
With AI-powered tools readily available, sophisticated attacks no longer require sophisticated attackers.
How to Use YARA Retrohunting for Defense
Learn how to use RL’s analysis of "pkr_mtsi" to advance your detection engineering in Spectra Analyze.
Commercial software risk: New controls required
Legacy strategies and tooling can’t manage today’s software threats. Here’s why binary analysis is necessary.
Inside the fake crypto developer recruitment hack
Here’s a more-in-depth technical analysis of the packages involved in the "graphalgo" campaign.
Fake recruiter campaign targets crypto devs
A new branch of a fake job recruitment campaign, dubbed "graphalgo," is targeting developers with a RAT.
Gartner® CISO Playbook for Commercial SSCS: 3 key insights
Here are the takeaways CISOs and other security leaders should consider for their TPCRM strategies.
Notepad++ hack: Supply chain threats evolve
A compromise of the source code editor underscores attack method diversification. It's time to go beyond trust.
Lab offers 9 ways to improve MCP security
The Vulnerable MCP Servers Lab delivers integration training, demos, and instruction on attack methods.
RL SSCS Report: A 2025 retrospective
ReversingLabs looked at last year’s Software Supply Chain Security Report in the rear-view mirror. Here’s what RL got right — and wrong.
Inside the EmEditor supply chain compromise
By combining early infrastructure detection with supply chain security controls you can give your defenders a leg up.
How AI coding is breathing new life into Rust
AI tools are making Rust a favorite language of developers — even those maintaining codebases like Microsoft’s.
RL SSCS Report 2026: A guidance timeline
Here are the guidelines, mandates, frameworks, and goals that have refined software supply chain security policy.
RL SSCS Report 2026: 5 key takeaways
OSS and dev tools are targets as AI risk rises. Learn more in the Software Supply Chain Security Report 2026.
Anthropic’s PSF investment: Why it matters
Here’s what the $1.5M investment in the Python Software Foundation will mean for AI coding and open-source security.
SSDF 1.2 sees AppSec as a journey
NIST has broadened the Secure Software Development Framework to include the full SDLC. Here’s why it matters.