ReversingLabs researchers detected the malicious behavior because the purported library modification contained code obfuscated with JavaScript Obfuscator

The SolarWinds incident was the subject of five separate talks and panels at the recent RSA conference in San Francisco

ReversingLabs report showed that VMware ESXi virtual machines have been a primary focus for encryption by GwisinLocker's Linux encryptor

The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.

ReversingLabs said it found 31 npm libraries that contained obfuscated JavaScript code that would steal web form data

Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM