Blog | ReversingLabs | The Week in Security

August 24, 2023

The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs

Hackers are exploiting a zero-day to target crypto and stock traders, RL discovers over a dozen malicious npm packages targeting Roblox game developers.

August 10, 2023

The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed

This week: Hackers are increasingly abusing Cloudflare Tunnels for nefarious purposes. Also: Britons' data exposed in an Electoral Commission cyberattack.

August 3, 2023

The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy

This week: Hackers use new malware to gain remote access to air-gapped devices. Also: Cybercriminals are using WikiLoader to attack Italian organizations.

July 27, 2023

The Week in Security: North Korean APT targets developers, this Barbie is a cybercriminal

This week: North Korean APT group targets developers via GitHub. Also: This Barbie is a cybercriminal.

July 20, 2023

The Week in Security: Google Cloud Build permissions can be poisoned, WormGPT weaponizes AI

Researchers find Google Cloud Build permissions can be used to poison production environments, and a new AI model enables sophisticated phishing attacks.

July 6, 2023

The Week in Security: Third-party breach exposes customer to LockBit, countries team to block DDoS

Yet another third-party vendor breach leaves customer vulnerable to ransomware. Also: The UAE teamed up with Israel to defend against a major DDoS attack.

June 29, 2023

The Week in Security: Third-party compromise lands pilot data from American, Southwest airlines

This week: The hack of systems used by a third-party recruiting vendor exposed pilot recruit data from both American Airlines and Southwest Airlines. Also: a Trojanized Super Mario installer is targeting gamer data.

June 22, 2023

The Week in Security: BlackCat threatens to leak Reddit data, attackers target npm packages (again)

This week: BlackCat hackers threaten to leak Reddit’s data. Also: Hijacked S3 buckets are being used in attacks on npm packages.

June 15, 2023

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

This week: Microsoft finds APT group attacking Ukraine is in cahoots with the Russian government. Also: A critical look at AI-generated software.

June 8, 2023

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

Researchers link ChatGPT hallucinations and software supply chain threat. Also, a watch group says better critical infrastructure security is needed.

June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’

May 25, 2023

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

This week: North Korean APT Lazarus uses Microsoft IIS servers to carry out espionage. Also: What’s the future of PyPI amidst continuing attacks?

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

The Week in Security

The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs

The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed

The Week in Security: Malware gives remote access to air-gapped devices, cyber attackers target Italy

The Week in Security: North Korean APT targets developers, this Barbie is a cybercriminal

The Week in Security: Google Cloud Build permissions can be poisoned, WormGPT weaponizes AI

The Week in Security: Third-party breach exposes customer to LockBit, countries team to block DDoS

The Week in Security: Third-party compromise lands pilot data from American, Southwest airlines

The Week in Security: BlackCat threatens to leak Reddit data, attackers target npm packages (again)

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

The Week in Security

Topics

Follow us

Subscribe

Special Reports