⏰ Tomorrow: We are hosting a live demo of RL Spectra Assure! Join RL’s Co-Founder Tomislav Peričin (Tomislav Pericin) as he demonstrates the capabilities of our #SoftwareSupplyChainSecurity solution, powered with #AI -driven complex binary analysis. RSVP now ⬇️ bit.ly/3VsmBbU

A malicious campaign targeting #PyPI results in the temporary suspension of new user registration and new project creation: bit.ly/3PELehQ

RL has now observed more than 500 PyPI packages published through an automated system in 2 days as part of this campaign. 🧵 ⬇️

🚨 New #ThreatResearch : ReversingLabs has discovered a campaign using #PyPI packages posing as open-source libraries to steal BIP39 mnemonic phrases, which are used to recover lost or destroyed #crypto wallets ⬇️ bit.ly/3wOl5Xk

This week, RL released its annual report: The State of #SoftwareSupplyChainSecurity 2024. In it, we identify 2023’s biggest attacks and how threat actors are improving. Get the report’s key takeaways here: hubs.ly/Q02gQtzY0

#AppSec #Cybersecurity

🚨 New #ThreatResearch 🚨 RL Researchers have found that malicious actors are becoming more innovative: They've moved from simple downloaders executing inside install scripts to a more refined approach that exploits #NuGet ’s #MSBuild integrations feature. hubs.ly/Q027crBQ0

ReversingLabs researchers discovered a new malicious campaign on #npm in which the letter 's' was all that separated a legit package from its malicious twin. The typosquatted package delivering the #r77 rootkit was downloaded more than 700 times. hubs.ly/Q024jJXm0

🚨 #ThreatResearch Update 🚨 ReversingLabs researchers discovered more packages that are part of the previously identified #VMConnect campaign, as well as evidence linking the campaign to North Korea's #Lazarus Group. hubs.ly/Q020Q09j0

🚨 Breaking #ThreatResearch 🚨 ReversingLabs researchers have identified more than a dozen malicious packages targeting #Roblox API users on the #npm repository, which recalls a 2021 attack. RL #Software #ThreatResearch er Lucija Valentić has the story ➡️ hubs.ly/Q01_YZ8s0

In this CybersecInsider blog post, Tomislav Peričin (@ap0x), Chief Software Architect at ReversingLabs shares the key takeaways from the recent #SoftwareSupplyChainAttack on #JumpCloud , as well as what it means for #TPRM & #SoftwareSupplyChainSecurity . hubs.ly/Q01ZCt9V0

ReversingLabs is on a rocket ship 🚀 we're pleased to share that our #leadership is growing! Please join us in welcoming:
📈 Michael Parker, Chief Marketing Officer
🏁 Ron Kormenek, SVP of Worldwide Sales
💯 Saša Zdjelar, Chief Trust Officer
hubs.ly/Q01Y2mYg0

⚠️ ReversingLabs researchers have discovered a new 'dual use’ campaign that uses malicious #npm packages to power #phishing kits and #softwaresupplychain attacks. Get the latest below ⬇️ hubs.ly/Q01WQn5W0

Experts believe that sophisticated cyber campaigns targeting software supply chains will become even more prominent in the months and years ahead — and there’s a good reason why. More on the #RSAC blog from author Tomislav Pericin. spr.ly/6013OLkL3

ICYMI: ReversingLabs co-founder & chief software architect Tomislav Peričin wrote for RSA Conference's blog on why sophisticated #cyber campaigns that target #softwaresupplychains will become even more prominent in the future. Read the full article now: hubs.ly/Q01S5g6l0

We're excited to announce our new partnership with DigiCert! By combining ReversingLabs' advanced #BinaryAnalysis & #ThreatDetection with #DigiCert 's #secure #CodeSigning solution, we're working together to enhance #SoftwareSupplyChainSecurity . hubs.ly/Q01Stn-w0

CVE-2023-0041 [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR] cve.mitre.org/cgi-bin/cvenam…

The ReversingLabs #research team has identified a novel attack on #PyPI using compiled Python #code to evade detection — possibly the first attack to take advantage of PYC file direct execution. hubs.ly/Q01R-7nt0

ReversingLabs researchers discovered two malicious packages that contained #TurkoRat , an open source #infostealer that lurked on #npm for two months before being detected. Get the full story here ➡️ hubs.ly/Q01QpdRf0

ReversingLabs is proud to announce its new partnership with Synopsys to provide #SoftwareDevelopment and #security teams with a comprehensive #SoftwareSupplyChain #RiskManagement solution. Learn more ➡️ reversinglabs.com/newsroom/press…

Here's how bad actors are pushing #malware on #PyPI under the guise of legitimate yet abandoned open source modules, written by ReversingLabs #Software #ThreatResearcher Lucija Valentić. hubs.ly/Q01MzmB20

Good security teams speak with developers.

Bad security teams speak at developers.