News

ReversingLabs’ Director of Product Management Charlie Jones explains how the attack surface within today’s software supply chains has grown exponentially.

The Common Vulnerabilities and Exposures (CVE) List and the consequent National Vulnerability Database (NVD) can no longer be considered a single central source of vulnerability truth.

ReversingLabs Threat Researcher Petar Kirhmajer published a blog post detailing the research team’s findings on Tuesday.

Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing.

A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon.

Federal suppliers now have a self-attestation deadline amid ongoing efforts to secure software supply chains.