December 19, 2022
A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
December 14, 2022
Here comes AlphaCode: Another AI code-generating parlor trick spitting out vulnerabilities. Is your software security team ready for the onslaught?
December 7, 2022
The initial flush of enthusiasm for ChatGPT has waned. And quite a few of the bugs in the buggy code it spits out are exploitable security vulnerabilities.
December 7, 2022
With supply chain attacks surging, now is the time to reflect — and look forward. ReversingLabs’ new report explores trends, best practices and more.
December 1, 2022
Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.
December 1, 2022
One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.
All Stories
Software Supply Chain Security
Dev & DevSecOps
CI/CD Security
Container Security