The ReversingLabs research team has identified a novel attack on PyPI using compiled Python code to evade detection — possibly the first attack to take advantage of PYC file direct execution.
Read More about When byte code bites: Who checks the contents of compiled Python files?
ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an open source infostealer that lurked on npm for two months before being detected.
Read More about RATs found hiding in the npm attic
Quantum, once a popular ransomware gang, is no longer an active threat. However, ReversingLabs researchers created detection rules for a debugger evasion recently added to the Malware Behavior Catalog as Exception Flooding.
Read More about Detecting Debugger Evasion: Exception Flooding
It takes a village... Researchers play capture the flag to find vulns in tools like ChatGPT — with a White House assist.
Read More about Red teamers take on AI at DEF CON 31
What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.
Read More about Package names repurposed to push malware on PyPI
The VOIP software company missed signs that its client had been tampered with before it pushed the update to customers.
Read More about Red flags flew over software supply chain-compromised 3CX update
A Visual Studio Code Extensions Marketplace flaw highlights the risk potential. Here's how the VS Code IDE can proliferate to npm.
Read More about VS Code hack shows how supply chain attacks can extend to other software development tools
ReversingLabs YARA detection rule for NB65 can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting NB65
Here are the key takeaways from the Colour-Blind remote access trojan, with insights from supply chain security experts
Read More about PyPI repo poisoned with "Colour-Blind" RAT
ReversingLabs researchers discovered dozens of malicious packages on Python Package Index that mimic popular libraries
Read More about Developers beware: Imposter HTTP libraries lurk on PyPI
This is not a drill: Denis Pushkarev has big debts — and his code is EVERYWHERE
Read More about Core-JS: Beware hidden dependencies from indebted Russian developers
ReversingLabs’ YARA detection rule for Lorenz can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Lorenz
Aabquerys is a malicious npm package discovered typosquatting on a legitimate module that downloads malicious components
Read More about Open-source repository malware sows Havoc
Researcher Eaton Zveare discloses massive back door in Toyota web app exploiting a JsonWebToken used for authentication
Read More about Leaky app gives researcher 'total, global control' over the Toyota supplier network
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine