On Demand Webinar

When Worms (and Phish) Attack

Threat Research Round-Up Q3 2025

Recent research highlights how attackers are exploiting the interconnected nature of modern development environments to launch stealthy and highly effective supply chain intrusions.

Watch our latest Research Round-Up webinar as we dissect five campaigns investigated by ReversingLabs since June. They are:

The Shai Hulud worm, which propagates through DevOps pipelines by abusing build automation and artifact distribution.
Malicious Ethereum smart contracts embedding obfuscated logic designed to trigger hidden behaviors post-deployment.
A weaponized pull request that introduced a backdoor into a Visual Studio Code extension.
The ESLint compromise, where attackers compromised eslint-config-prettier - an npm package with more than 3.5 billion downloads and 12,000 dependencies, using it to inject persistent malware into developer systems.

On Demand Webinar

When Worms (and Phish) Attack

Threat Research Round-Up Q3 2025

Recent research highlights how attackers are exploiting the interconnected nature of modern development environments to launch stealthy and highly effective supply chain intrusions.

Watch our latest Research Round-Up webinar as we dissect five campaigns investigated by ReversingLabs since June. They are:

The Shai Hulud worm, which propagates through DevOps pipelines by abusing build automation and artifact distribution.
Malicious Ethereum smart contracts embedding obfuscated logic designed to trigger hidden behaviors post-deployment.
A weaponized pull request that introduced a backdoor into a Visual Studio Code extension.
The ESLint compromise, where attackers compromised eslint-config-prettier - an npm package with more than 3.5 billion downloads and 12,000 dependencies, using it to inject persistent malware into developer systems.

When Worms (and Phish) Attack

Spectra Assure Free Trial

When Worms (and Phish) Attack

Spectra Assure Free Trial