ReversingLabs Blog

ReversingLabs Blog https://www.reversinglabs.com/blog Latest blog posts from ReversingLabs en-US Sat, 06 Jun 2026 04:09:12 GMT 2026-06-06T04:09:12.397Z en Sat, 06 Jun 2026 04:09:12 GMT <![CDATA[How 56 npm packages used binding.gyp to steal CI/CD secrets]]> https://www.reversinglabs.com/blog/npm-bindinggyp-cicd-secrets https://www.reversinglabs.com/blog/npm-bindinggyp-cicd-secrets Thu, 04 Jun 2026 21:30:00 GMT 2026-06-04T21:30:00.000Z <![CDATA[Dependency remediation bolstered with CVE Lite CLI]]> https://www.reversinglabs.com/blog/cve-lite-cli https://www.reversinglabs.com/blog/cve-lite-cli Thu, 04 Jun 2026 15:00:00 GMT 2026-06-04T15:00:00.000Z <![CDATA[Get ahead of frontier AI: 5 AppSec strategy upgrades]]> https://www.reversinglabs.com/blog/frontier-ai-update-your-appsec https://www.reversinglabs.com/blog/frontier-ai-update-your-appsec Wed, 03 Jun 2026 15:00:00 GMT 2026-06-03T15:00:00.000Z <![CDATA[CVE noise drowns out supply chain threats]]> https://www.reversinglabs.com/blog/noise-to-signal-malware-matters https://www.reversinglabs.com/blog/noise-to-signal-malware-matters Tue, 02 Jun 2026 15:00:00 GMT 2026-06-02T15:00:00.000Z <![CDATA[31 Red Hat npm packages backdoored in 72 seconds]]> https://www.reversinglabs.com/blog/red-hat-cloud-service-npm-packages-backdoored-in-72-seconds https://www.reversinglabs.com/blog/red-hat-cloud-service-npm-packages-backdoored-in-72-seconds Mon, 01 Jun 2026 21:30:00 GMT 2026-06-01T21:30:00.000Z <![CDATA[Forrester Names RL in Agentic Development Security Market]]> https://www.reversinglabs.com/blog/forrester-agentic-development-security-landscape https://www.reversinglabs.com/blog/forrester-agentic-development-security-landscape Thu, 28 May 2026 18:00:00 GMT 2026-05-28T18:00:00.000Z <![CDATA[5 lessons from vulnerability management's front lines]]> https://www.reversinglabs.com/blog/5-lessons-vulnerability-management https://www.reversinglabs.com/blog/5-lessons-vulnerability-management Thu, 28 May 2026 15:00:00 GMT 2026-05-28T15:00:00.000Z <![CDATA[Dependency attack takes down ed-tech platform at scale]]> https://www.reversinglabs.com/blog/canvas-dependency-attack-scale https://www.reversinglabs.com/blog/canvas-dependency-attack-scale Wed, 27 May 2026 15:00:00 GMT 2026-05-27T15:00:00.000Z <![CDATA[Researcher's Notebook: Hunting Megalodon Fossils]]> https://www.reversinglabs.com/blog/hunting-megalodon-fossils https://www.reversinglabs.com/blog/hunting-megalodon-fossils Tue, 26 May 2026 15:30:00 GMT 2026-05-26T15:30:00.000Z <![CDATA[GitHub breach: The development ecosystem is in the hot seat]]> https://www.reversinglabs.com/blog/github-compromise-development-ecosystem https://www.reversinglabs.com/blog/github-compromise-development-ecosystem Fri, 22 May 2026 16:30:00 GMT 2026-05-22T16:30:00.000Z <![CDATA[AI agents are the new insider threat]]> https://www.reversinglabs.com/blog/ai-agents-new-insider-threat https://www.reversinglabs.com/blog/ai-agents-new-insider-threat Thu, 21 May 2026 15:00:00 GMT 2026-05-21T15:00:00.000Z <![CDATA[Hackers Abuse Parental Controls to Hijack Google Accounts]]> https://www.reversinglabs.com/blog/parental-control-flaw-google-account https://www.reversinglabs.com/blog/parental-control-flaw-google-account Wed, 20 May 2026 17:30:00 GMT 2026-05-20T17:30:00.000Z <![CDATA[Spectra Analyze, Spectra Core Update: Deeper Detection, Smarter Analysis]]> https://www.reversinglabs.com/blog/spectra-analyze-spectra-core-update52026 https://www.reversinglabs.com/blog/spectra-analyze-spectra-core-update52026 Wed, 20 May 2026 15:00:00 GMT 2026-05-20T15:00:00.000Z <![CDATA[Shai-Hulud code drop: It’s open season for attacks]]> https://www.reversinglabs.com/blog/the-shai-hulud-code-drop https://www.reversinglabs.com/blog/the-shai-hulud-code-drop Fri, 15 May 2026 02:00:00 GMT 2026-05-15T02:00:00.000Z <![CDATA[RL Joins NATO Locked Shields Cyber Event: 3 Takeaways]]> https://www.reversinglabs.com/blog/locked-shields-2026 https://www.reversinglabs.com/blog/locked-shields-2026 Thu, 14 May 2026 15:00:00 GMT 2026-05-14T15:00:00.000Z <![CDATA[Think AI agents are risky? Your underlying stack is too]]> https://www.reversinglabs.com/blog/ai-agents-risk-underlying-stack https://www.reversinglabs.com/blog/ai-agents-risk-underlying-stack Wed, 13 May 2026 15:00:00 GMT 2026-05-13T15:00:00.000Z <![CDATA[Mini Shai-Hulud tears at OSS trust]]> https://www.reversinglabs.com/blog/mini-shai-hulud-tears-at-oss-trust https://www.reversinglabs.com/blog/mini-shai-hulud-tears-at-oss-trust Tue, 12 May 2026 19:00:00 GMT 2026-05-12T19:00:00.000Z <![CDATA[How Dirty Frag rose from the Copy Fail exploit ]]> https://www.reversinglabs.com/blog/dirtyfrag-linux-privilege-escalation-exploit https://www.reversinglabs.com/blog/dirtyfrag-linux-privilege-escalation-exploit Tue, 12 May 2026 16:00:00 GMT 2026-05-12T16:00:00.000Z <![CDATA[Selective NVD enrichment: Why it matters]]> https://www.reversinglabs.com/blog/nist-selective-nvd-enrichment https://www.reversinglabs.com/blog/nist-selective-nvd-enrichment Thu, 07 May 2026 15:00:00 GMT 2026-05-07T15:00:00.000Z <![CDATA[Spectra Analyze in Action: Retrohunting Bots]]> https://www.reversinglabs.com/blog/spectra-analyze-retrohunting-telegram-bots https://www.reversinglabs.com/blog/spectra-analyze-retrohunting-telegram-bots Wed, 06 May 2026 15:00:00 GMT 2026-05-06T15:00:00.000Z <![CDATA[How Mythos changes the AppSec calculus]]> https://www.reversinglabs.com/blog/how-mythos-changes-the-appsec-calculus https://www.reversinglabs.com/blog/how-mythos-changes-the-appsec-calculus Tue, 05 May 2026 15:00:00 GMT 2026-05-05T15:00:00.000Z <![CDATA[Copy Fail Flaw: 5 YARA Rules for Detection]]> https://www.reversinglabs.com/blog/copy-fail-5-yara-rules https://www.reversinglabs.com/blog/copy-fail-5-yara-rules Fri, 01 May 2026 20:00:00 GMT 2026-05-01T20:00:00.000Z <![CDATA[How agentic AI flips the trust model]]> https://www.reversinglabs.com/blog/agentic-ai-trust-model https://www.reversinglabs.com/blog/agentic-ai-trust-model Thu, 30 Apr 2026 15:00:00 GMT 2026-04-30T15:00:00.000Z <![CDATA[Claude adds malware to crypto agent]]> https://www.reversinglabs.com/blog/claude-promptmink-malware-crypto https://www.reversinglabs.com/blog/claude-promptmink-malware-crypto Wed, 29 Apr 2026 15:00:00 GMT 2026-04-29T15:00:00.000Z <![CDATA[MCP rug-pull attack worries mount]]> https://www.reversinglabs.com/blog/mcp-rug-pull-attack-worries https://www.reversinglabs.com/blog/mcp-rug-pull-attack-worries Wed, 29 Apr 2026 15:00:00 GMT 2026-04-29T15:00:00.000Z <![CDATA[Can AppSec keep pace with AI coding?]]> https://www.reversinglabs.com/blog/appsec-keep-up-ai-coding https://www.reversinglabs.com/blog/appsec-keep-up-ai-coding Thu, 23 Apr 2026 15:00:00 GMT 2026-04-23T15:00:00.000Z <![CDATA[LLMmap puts its finger on ML attacks]]> https://www.reversinglabs.com/blog/llmmap-puts-its-finger-on-ml-attacks https://www.reversinglabs.com/blog/llmmap-puts-its-finger-on-ml-attacks Wed, 22 Apr 2026 15:00:00 GMT 2026-04-22T15:00:00.000Z <![CDATA[QR Code Phishing Evolves: How to Keep Up]]> https://www.reversinglabs.com/blog/qr-code-phishing-evolves https://www.reversinglabs.com/blog/qr-code-phishing-evolves Tue, 21 Apr 2026 15:00:00 GMT 2026-04-21T15:00:00.000Z <![CDATA[Vibeware: More than bad vibes for AppSec]]> https://www.reversinglabs.com/blog/vibeware-bad-vibes-appsec https://www.reversinglabs.com/blog/vibeware-bad-vibes-appsec Thu, 16 Apr 2026 15:00:00 GMT 2026-04-16T15:00:00.000Z <![CDATA[The CRA is coming: Are you ready?]]> https://www.reversinglabs.com/blog/cyber-resilience-act-get-ready https://www.reversinglabs.com/blog/cyber-resilience-act-get-ready Wed, 15 Apr 2026 15:00:00 GMT 2026-04-15T15:00:00.000Z <![CDATA[Why RL Built Spectra Assure Community]]> https://www.reversinglabs.com/blog/why-rl-built-spectra-assure-community https://www.reversinglabs.com/blog/why-rl-built-spectra-assure-community Tue, 14 Apr 2026 15:00:00 GMT 2026-04-14T15:00:00.000Z <![CDATA[Graphalgo fake recruiter campaign returns]]> https://www.reversinglabs.com/blog/graphalgo-campaign-respawned https://www.reversinglabs.com/blog/graphalgo-campaign-respawned Thu, 09 Apr 2026 15:00:00 GMT 2026-04-09T15:00:00.000Z <![CDATA[Claude Mythos: Get your AppSec game on]]> https://www.reversinglabs.com/blog/mythos-ai-appsec https://www.reversinglabs.com/blog/mythos-ai-appsec Wed, 08 Apr 2026 18:30:00 GMT 2026-04-08T18:30:00.000Z <![CDATA[28 application security stats that matter]]> https://www.reversinglabs.com/blog/28-application-security-stats-that-matter https://www.reversinglabs.com/blog/28-application-security-stats-that-matter Tue, 07 Apr 2026 15:00:00 GMT 2026-04-07T15:00:00.000Z <![CDATA[Axios: How AppSec teams should respond]]> https://www.reversinglabs.com/blog/axios-appsec-respond https://www.reversinglabs.com/blog/axios-appsec-respond Thu, 02 Apr 2026 18:05:45 GMT 2026-04-02T18:05:45.922Z <![CDATA[ClickFix: YARA Rules Catch What AV Misses]]> https://www.reversinglabs.com/blog/clickfix-yara-rule https://www.reversinglabs.com/blog/clickfix-yara-rule Thu, 02 Apr 2026 15:00:00 GMT 2026-04-02T15:00:00.000Z <![CDATA[How JPMC tackles software ‘trust debt’]]> https://www.reversinglabs.com/blog/opet-jpmc-software-trust-debt-rsac https://www.reversinglabs.com/blog/opet-jpmc-software-trust-debt-rsac Wed, 01 Apr 2026 15:00:00 GMT 2026-04-01T15:00:00.000Z <![CDATA[GenAI Security Project ramps up guidance]]> https://www.reversinglabs.com/blog/owasp-genai-security-project-updates https://www.reversinglabs.com/blog/owasp-genai-security-project-updates Tue, 31 Mar 2026 15:00:00 GMT 2026-03-31T15:00:00.000Z <![CDATA[AppSec as attacker: Inside Trivy–LiteLLM ]]> https://www.reversinglabs.com/blog/appsec-weaponized-trivylitellm https://www.reversinglabs.com/blog/appsec-weaponized-trivylitellm Fri, 27 Mar 2026 21:30:00 GMT 2026-03-27T21:30:00.000Z <![CDATA[The TeamPCP supply chain attack evolves]]> https://www.reversinglabs.com/blog/teampcp-supply-chain-attack-spreads https://www.reversinglabs.com/blog/teampcp-supply-chain-attack-spreads Fri, 27 Mar 2026 19:30:00 GMT 2026-03-27T19:30:00.000Z <![CDATA[Decouple SIEM data to reshape your AppSec]]> https://www.reversinglabs.com/blog/decouple-your-siem-data https://www.reversinglabs.com/blog/decouple-your-siem-data Thu, 26 Mar 2026 15:00:00 GMT 2026-03-26T15:00:00.000Z <![CDATA[How AI agents can weaponize IDEs]]> https://www.reversinglabs.com/blog/how-ai-agents-can-weaponize-ides https://www.reversinglabs.com/blog/how-ai-agents-can-weaponize-ides Wed, 25 Mar 2026 15:00:00 GMT 2026-03-25T15:00:00.000Z <![CDATA[Fake install logs in npm packages load RAT]]> https://www.reversinglabs.com/blog/npm-fake-install-logs-rat https://www.reversinglabs.com/blog/npm-fake-install-logs-rat Tue, 24 Mar 2026 15:00:00 GMT 2026-03-24T15:00:00.000Z <![CDATA[Crypto group ushers in post-quantum security]]> https://www.reversinglabs.com/blog/ethereum-post-quantum-security https://www.reversinglabs.com/blog/ethereum-post-quantum-security Thu, 19 Mar 2026 15:00:00 GMT 2026-03-19T15:00:00.000Z <![CDATA[OpenClaw lesson: AI agents are a black hole]]> https://www.reversinglabs.com/blog/openclaw-ai-agents-black-hole-risks https://www.reversinglabs.com/blog/openclaw-ai-agents-black-hole-risks Wed, 18 Mar 2026 15:00:00 GMT 2026-03-18T15:00:00.000Z <![CDATA[How to Examine Polyglot Files with Spectra Analyze]]> https://www.reversinglabs.com/blog/examine-polyglot-files-spectra-analyze https://www.reversinglabs.com/blog/examine-polyglot-files-spectra-analyze Tue, 17 Mar 2026 15:00:00 GMT 2026-03-17T15:00:00.000Z <![CDATA[Make Your SBOMs Actionable with PURLs]]> https://www.reversinglabs.com/blog/why-your-sboms-need-purls https://www.reversinglabs.com/blog/why-your-sboms-need-purls Thu, 12 Mar 2026 15:00:00 GMT 2026-03-12T15:00:00.000Z <![CDATA[OWASP adopts DockSec: Why it matters]]> https://www.reversinglabs.com/blog/owasp-adopts-docksec https://www.reversinglabs.com/blog/owasp-adopts-docksec Wed, 11 Mar 2026 15:00:00 GMT 2026-03-11T15:00:00.000Z <![CDATA[OpenClaw and AI risk: 3 AppSec lessons]]> https://www.reversinglabs.com/blog/openclaw-agentic-ai-risk https://www.reversinglabs.com/blog/openclaw-agentic-ai-risk Tue, 10 Mar 2026 15:00:00 GMT 2026-03-10T15:00:00.000Z <![CDATA[Claude Code Security: The pros and cons]]> https://www.reversinglabs.com/blog/claude-code-security https://www.reversinglabs.com/blog/claude-code-security Thu, 05 Mar 2026 16:00:00 GMT 2026-03-05T16:00:00.000Z