Explore ReversingLabs Software Supply Chain Security's New Secrets Capabilities
LEARN MORE
Forrester Report: The Software Composition Analysis Landscape, Q1 2023 
LEARN MORE
eBook: Why Traditional App Sec Testing Fails on Supply Chain Security
READ NOW

Security Operations

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces
March 30, 2023

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces

This week: GitHub is issued a subpoena by Twitter over leaked source code. Also: 3CX software supply chain attack leaves millions at risk.
Read More
The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware
March 16, 2023

The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware

A Russian-speaking threat actor has breached several European organizations. Also: AI-created videos on YouTube are spreading infostealer malware.
Read More
The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up
March 9, 2023

The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up

North Korean-linked hacking group Lazarus attacked the same South Korean financial entity twice in 2022. Also: The number of hard-coded secrets is way up.
Read More
The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability
March 2, 2023

The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability

New details expose that the recent hack on LastPass was worse than previously thought. Also: CISA has called for for software makers who develop insecure software to be held liable.
Read More
The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm
February 23, 2023

The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm

A misconfiguration likely caused a U.S. government server to leak sensitive military emails, and a massive phishing spam campaign has taken over npm.
Read More
The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess
February 16, 2023

The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess

This week: Russian-linked PIPEDREAM malware targeted critical infrastructure. Also: 400 malicious packages found on PyPI demonstrates attacker prowess.
Read More
The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments
January 26, 2023

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
Read More
Shift the SOC left: Why your organization should integrate DevOps with Security Operations
January 9, 2023

Shift the SOC left: Why your organization should integrate DevOps with Security Operations

The collaboration between SOCs and software development teams is essential for ensuring your organization's software security. Here's why. 
Read More

SUBSCRIBE

Get the best of the ReversingLabs Blog delivered to your in-box weekly.