Software Supply Chain Security
Groundhog day: NPM package caught stealing browser passwords
Karlo Zanki
Today almost everyone knows that they need to protect their publicly exposed services and applications against the...

Research
Third-party code comes with some baggage
Karlo Zanki
Recognizing risks introduced by statically linked third-party libraries

Research
It only takes one line of code to ruin your day
Chris Hoff
Much like SolarWinds before it, this incident shows we need to take a more critical look at the software we are using...

Blog
A CISO’s guide to protecting against modern software threats
Chris Hoff
How to Rebuild Trust in the SDLC and 3rd Party Software Supply Chain

Threat Research
SunBurst: the next level of stealth
Tomislav Peričin
SolarWinds compromise exploited through sophistication and patience

Threat Research
Mining for malicious Ruby gems
Tomislav Maljic
Typosquatting barrage on RubyGems software repository users

Security Operations
Why you need to prioritize development and software supply chain security
ReversingLabs
Enterprise software development graduated from the “waterfall” framework of development and operations

Threat Research
How to detect software supply chain attacks
ReversingLabs
There are many reasons software supply chain attacks are attractive to cyber criminals

Security Architectures
How existing cybersecurity frameworks can curb software supply chain attacks
ReversingLabs
Implementing Processes and Controls to Disrupt Attackers

Threat Research
The NPM package that walked away with all your passwords
Tomislav Peričin
Detecting malware in package manager repositories