RL Blog

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
2026-06-18_Forrester & RL Upcoming Webinar

Forrester Names RL in Agentic Development Security Market

The new landscape report maps 35 vendors addressing an emerging category of risk: AI agents writing insecure code at machine speed.

Read More about Forrester Names RL in Agentic Development Security Market
Forrester Names RL in Agentic Development Security Market

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ReversingLabs: The More Powerful, Cost-Effective Alternative to VirusTotalSee Why
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
Events
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu
AppSec & Supply Chain SecurityOctober 20, 2022

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.

smiling woman with glasses
Carolynn van Arsdale, Writer, ReversingLabs.Carolynn van Arsdale
FacebookFacebookXX / TwitterLinkedInLinkedInblueskyBlueskyEmail Us
The Week in Security: Attacks on critical infrastructure and the software supply chain take off

This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: software supply chain attacks have increased by 742% in the past 3 years.

This week’s top story

Critical infrastructure sectors such as airports continue to be targeted

Cyber attacks on critical infrastructure organizations globally have been happening for decades. But the incident that brought this concern back to the forefront of the cybersecurity community was the infamous ransomware attack on Colonial Pipeline, a private company that supplies gasoline to America’s eastern seaboard. This attack caught international attention, and everyday Americans were directly impacted as a result of this critical infrastructure entity being disrupted.

A year-and-a-half later, cybercriminals are continuing to feel emboldened in their targeting of critical infrastructure organizations, both in the U.S. and abroad. As of this month, cybercriminals have targeted at least four different critical infrastructure sectors, which if disrupted could cause societal disarray and national security concerns.

Most recently, researchers at Microsoft have discovered a new ransomware campaign that is targeting transportation and logistics organizations in Poland and Ukraine. Known as Prestige Ransomware, the group targeted a number of victims within the same hour, using three different attack methods.

Additionally, healthcare providers have become a popular target for cybercriminals. Just this month, CommonSpirit, a major healthcare provider in the U.S., suffered a ransomware attack that the health system is still trying to recover from. The attack resulted in 142 facilities in 21 states losing access to online networks, causing disruptions to patient care. Cybercriminals have also attacked healthcare networks abroad, such as a French hospital in August.

The aviation industry has become another target for cybercriminals, and U.S. government officials are beginning to take action to better secure this area of critical infrastructure. This comes after a string of cyber attacks that impacted several U.S. airports, including the Los Angeles and Atlanta airports.

Also on the growing list of targeted critical infrastructure entities is education, with targets ranging from K-12 schools to colleges and universities. Over 1000 schools and colleges were targeted by cybercriminals in 2021 alone, and so far in 2022 this number has already increased, bringing the total closer to 2000 victims this year alone.

Not only is it concerning that cybercriminals are attacking a wide range of critical infrastructure entities, but also that most of these cybercrime operations are originating from Russia, or have been carried out by Russian-speaking actors. This is the case with the incidents targeting transportation and logistics organizations in Poland and Ukraine, several American airports, as well as educational institutions, specifically the Los Angeles school district.

It’s evident that protecting critical infrastructure will have to continue to be the cybersecurity community’s responsibility, especially as more sectors and countries are targeted in the future.

News roundup

Here are the stories we’re paying attention to this week…

Sonatype report reveals software supply chain attacks soar 742% in 3 years (IT Security Guru)

Sonatype’s eighth annual State of the Software Supply Chain report, which was compiled from public and proprietary data analysis, has revealed the figures including 131 billion Maven Central downloads and thousands of open source projects.

Ransom Cartel linked to notorious REvil ransomware operation (BleepingComputer)

Researchers have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil gang based on code similarities in both operations' encryptors.

Qatar spyware and the World Cup (Schneier on Security)

Everyone visiting Qatar for the World Cup needs to install spyware on their phone. They will be asked to download two apps called Ehteraz and Hayya, which both track phone activities.

Imagine surviving a wiper attack only for ransomware to scramble your restored files (The Register)

Organizations hit earlier by the HermeticWiper malware have reportedly been menaced by ransomware unleashed this month against transportation and logistics industries in Ukraine and Poland.

Keep learning

  • Get up to speed on the Agentic Development Security tools landscape in this June 18 webinar with Forrester Sr. Analyst Janet Worthington.
  • Learn why binary analysis is a must-have control in the Gartner® CISO Playbook for Commercial Software Supply Chain Security.
  • Take a deep dive on the state of software security with RL's Software Supply Chain Security Report 2026. Plus: See the the webinar discussing the findings.

Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.

Tags:AppSec & Supply Chain Security

More Blog Posts

Shai-hulud worm DevOps

npm v12 blocks install scripts: What it means for software security

By disabling install scripts by default, it closes the vector worms like Shai-Hulud rely on. Here's what the update fixes — and what it doesn't.

Learn More about npm v12 blocks install scripts: What it means for software security
npm v12 blocks install scripts: What it means for software security
MCP is the new API

MCP security tracks API's playbook — we know how that ends

The standard connecting AI agents to tools and data leaves security to others. Make it a do-over.

Learn More about MCP security tracks API's playbook — we know how that ends
MCP security tracks API's playbook — we know how that ends
CVE Lite CLI

Dependency remediation bolstered with CVE Lite CLI

OWASP's new dependency scanner gives developers actionable fixes. But supply chain attacks aren’t yet CVEs.

Learn More about Dependency remediation bolstered with CVE Lite CLI
Dependency remediation bolstered with CVE Lite CLI
Out front in race

Get ahead of frontier AI: 5 AppSec strategy upgrades

Frontier AI is collapsing the time from vulnerability discovery to exploit. Here are 5 ways to update your AppSec before it hits.

Learn More about Get ahead of frontier AI: 5 AppSec strategy upgrades
Get ahead of frontier AI: 5 AppSec strategy upgrades

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top