News
June 26, 2025

Information Security Buzz: Commercial Software’s Seven Deadly Sins

At ReversingLabs, we’ve identified seven critical risks that plague commercial software, or what we call Commercial Software’s Seven Deadly Sins.
June 20, 2025

Dark Reading: Hackers Post Dozens of Malicious Copycat Repos to GitHub

As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.
March 26, 2025

The Hacker News: Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks

ReversingLabs' analysis of ethers-provider2 has revealed that it's nothing but a trojanized version of the widely-used ssh2 npm package
March 25, 2025

SC Media: AI has become the supply chain

Microsoft Security’s artificial intelligence (AI) security team recently shared its findings from a multi-year study that involved red teaming 100 generative AI (GenAI) products.
February 26, 2025

HelpNetSecurity: Malicious ML models found on Hugging Face Hub

Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models.
February 26, 2025

Dark Reading: Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities

Companies pursing internal AI development using models from Hugging Face and other open source repositories need to focus on supply chain security and checking for vulnerabilities.