Threat Research Round-Up Q4 2024 banner
ON DEMAND WEBINAR

Threat Research Round-Up Q4 2024

As we enter 2025, cyber threats to the software supply chain continue to evolve, exploiting popular platforms and tools to infiltrate systems and disrupt workflows.

In this Q4 threat research roundup, threat research experts from ReversingLabs dissect the most significant findings of Q4 2024, including:

✓ Malicious PyPI packages, such as aiocpa that pose as legitimate applications for months, before turning malicious.
✓ Campaigns targeting widely used open source libraries such as the compromises of the @solana/web3.js and @lottiefiles/lottie-player npm packages and the ultralytics PyPI package, comprising millions of downloads and thousands of dependent projects.
✓ Malicious VSCode extensions impersonating popular apps like Zoom to compromise developer environments.
✓ Malicious supply chain campaigns targeting cryptocurrency applications and infrastructure and what they tell us about the evolution of supply chain risks.
✓ A VSCode and npm-based campaign set to disrupt workflows in 2025. 

Our quarterly research round-up features actionable insights from ReversingLabs' researchers and real-world examples of threats and attacks.

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top
ReversingLabs: The More Powerful, Cost-Effective Alternative to VirusTotalSee Why
Skip to main content
Contact UsSupportLoginBlogCommunity
reversinglabs
ReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsRL at RSAC
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu
WATCH ON DEMAND