Blog | ReversingLabs | Threat Research (4)

Threat Research (4)

July 27, 2023

More malicious npm packages found in wake of JumpCloud supply chain hack

ReversingLabs researchers uncovered evidence of more malicious npm packages beyond those already disclosed — and conclude that the attack is still active.

July 21, 2023

From the Labs: YARA Rule for Detecting Minodo

In this edition, we take a look at what Minodo is, where it came from, and how cybercriminals are using it to deliver other malware families.

July 7, 2023

From the Labs: YARA Rule for Detecting StealC

In this edition of From the Labs, we contextualize StealC, a popular malware infostealer that has become a favored tool for cybercriminals.

July 6, 2023

Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks

“Write once, infect everywhere” might be the new cybercrime motto, with newly discovered campaigns showing malicious npm packages powering phishing kits and supply chain attacks.

June 16, 2023

From the Labs: YARA Rule for Detecting HermeticRansom

The ReversingLabs YARA detection rule for HermeticRansom can help you find this ransomware in your environment.

June 1, 2023

When byte code bites: Who checks the contents of compiled Python files?

ReversingLabs researchers identified a PyPI attack using compiled Python code to evade detection — possibly the first PYC file direct-execution attack.

May 18, 2023

RATs found hiding in the npm attic

ReversingLabs researchers discovered two malicious packages that contained TurkoRat, an infostealer that lurked on npm for months before being detected.

May 12, 2023

Detecting Debugger Evasion: Exception Flooding

ReversingLabs researchers created detection YARA rules for a debugger evasion recently added to the Malware Behavior Catalog as Exception Flooding.

May 9, 2023

Red teamers take on AI at DEF CON 31

It takes a village... In Las Vegas, researchers play capture the flag to find vulnerabilities in tools like ChatGPT — with a White House assist.

April 24, 2023

Package names repurposed to push malware on PyPI

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.

March 30, 2023

Red flags flew over software supply chain-compromised 3CX update

The VOIP software vendor missed signs that its client software had been tampered with before it pushed the update to customers.

March 27, 2023

VS Code hack shows how supply chain attacks can extend to other software development tools

The new Visual Studio Code IDE hack highlights the risk of spreading beyond the Extensions Marketplace. Here's how the threat can proliferate to npm.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Threat Research (4)

More malicious npm packages found in wake of JumpCloud supply chain hack

From the Labs: YARA Rule for Detecting Minodo

From the Labs: YARA Rule for Detecting StealC

Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks

From the Labs: YARA Rule for Detecting HermeticRansom

When byte code bites: Who checks the contents of compiled Python files?

RATs found hiding in the npm attic

Detecting Debugger Evasion: Exception Flooding

Red teamers take on AI at DEF CON 31

Package names repurposed to push malware on PyPI

Red flags flew over software supply chain-compromised 3CX update

VS Code hack shows how supply chain attacks can extend to other software development tools

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Threat Research (4)

Topics

Follow us

Subscribe

Special Reports