September 26, 2024
Saša Zdjelar of ReversingLabs, explains why SBOM are a good first start, but aren’t enough to deliver secure software.
September 26, 2024
According to ReversingLabs, the hackers behind the effort are luring developers with fake job offers and instructing them to download PyPI packages with obfuscated malware from GitHub repositories as part of coding tests.
September 13, 2024
New research from Reversing Labs shows that the Lazarus Group is continuing its campaign of tempting targeting developers with malicious software packages on open-source repositories by posing as employees of the financial services firm Capital One.
September 12, 2024
Lazarus Group has been observed continuing its VMConnect campaign by targeting developers with new malicious software packages on open source repositories, according to ReversingLabs.
September 12, 2024
North Korean attackers pose as recruiters for financial firms to lure developers into executing trojanized Python projects on their machines as part of fake job interviews.
September 11, 2024
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.