ReversingLabs Accelerates Strategy to Secure Software Supply Chain, Appoints Peter Doggart as Chief Operating Officer
Read More
Secrets Exposed: An Essential Guide to Securing Secrets in Software
Read eBook
New App Sec Series | Software Package Deconstruction
Learn More
ReversingLabs and Synopsys Join Forces to Combat Software Supply Chain Threats
Learn More

Secure Software Blogwatch

‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?
May 31, 2023

‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?

Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?
Read More
PyPI paused as automated attack overwhelms admins
May 23, 2023

PyPI paused as automated attack overwhelms admins

Python Package Index was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit the pause button.
Read More
Lessons from MSI's UEFI key breach: How safe are the secrets in your software?
May 17, 2023

Lessons from MSI's UEFI key breach: How safe are the secrets in your software?

Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
Read More
Red teamers take on AI at DEF CON 31
May 9, 2023

Red teamers take on AI at DEF CON 31

It takes a village... In Las Vegas, researchers play capture the flag to find vulnerabilities in tools like ChatGPT — with a White House assist.
Read More
SolarWinds hack: Did DOJ know 6 months earlier?
May 3, 2023

SolarWinds hack: Did DOJ know 6 months earlier?

The Department of Justice is reported to have stayed on the down-low on SolarWinds. Poster child for software supply chain security? The plot thickens...
Read More
#RSAC is big again — and AI + security is huge: #StrongerTogether?
April 26, 2023

#RSAC is big again — and AI + security is huge: #StrongerTogether?

RSA Conference is back big in 2023, with large language models buzzing: Al to fight AI, and generative AI and supply chain security.
Read More
EU cyber laws ‘will’ make FOSS devs liable
April 18, 2023

EU cyber laws ‘will’ make FOSS devs liable

The goal might be laudable, but aspects of the EU law need a major rethink. In this week’s Secure Software Blogwatch, we fear unintended consequences.
Read More
Has public USB ‘juice jacking’ made it into the wild?
April 11, 2023

Has public USB ‘juice jacking’ made it into the wild?

Déjà vu, but carry protection, dev teams traveling with credentials: Theorized as early as 2011, could public-USB attacks have finally gone rogue?
Read More
With Twitter code in the wild, DevSecOps doubts surface
April 5, 2023

With Twitter code in the wild, DevSecOps doubts surface

In this week’s Secure Software Blogwatch, we ponder the unintended consequences of “transparency.”
Read More
Do you trust AI to find app sec holes while you sleep?
March 29, 2023

Do you trust AI to find app sec holes while you sleep?

Purr-fect? Or cat-astrophe? Microsoft wants you to cat nap as its Security Copilot combats software security threats.
Read More
White House cyber strategy: A love/hate story
March 7, 2023

White House cyber strategy: A love/hate story

The new National Cybersecurity Strategy will punish big software developers for failing to follow best practices. And, for the first time, make them liable.
Read More
LastPass revelations: BIG lessons for DevSecOps teams
March 1, 2023

LastPass revelations: BIG lessons for DevSecOps teams

LastPass has revealed a little more about the vault breach that occurred during August last year. And there are big, big lessons to be learned for DevSecOps teams.
Read More

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain