Blog | ReversingLabs (12)

February 1, 2024

Lessons from the Mercedes-Benz GitHub source code leak

Here's what we know about the automaker's latest secrets breach — and lessons your security team can draw from it.

January 30, 2024

HPE, Microsoft breach disclosures mark new era of CISO accountability

New revelations show Russia’s SVR has stepped up cyber-espionage. They also spotlight how public companies are on the hook with the SEC’s disclosure laws.

January 23, 2024

GitGot: GitHub leveraged by cybercriminals to store stolen data

ReversingLabs researchers found two suspicious npm packages that demonstrate how GitHub is increasingly being used to easily deploy malware in novel ways.

January 17, 2024

GitHub Actions hack bolsters case for complex binary analysis

Here are key takeaways from the research — and why you need to evolve your application security approach with binary analysis and reproducible builds.

January 16, 2024

Key Takeaways from the 2024 State of SSCS Report

ReversingLabs has released its annual report covering the state of software supply chain security. Learn top trends and get unique insights.

January 16, 2024

Software supply chain attacks: A (partial) history

A list of known (documented, reported) attacks involving compromises of software supply chains (from latest to oldest).

January 11, 2024

Evolution of AppSec: 4 requirements for the software supply chain security era

AppSec must make a giant leap forward to modern practices and tooling in order to tackle the new era of software supply chain attacks. Here are four steps.

January 10, 2024

2023 Updates in Review: Malware Analysis and Threat Hunting

Here’s an overview of the key product updates to ReversingLabs malware analysis and threat hunting solutions from 2023.

January 9, 2024

Zoom joins the vulnerability fray: Will VISS move the needle on AppSec?

Here's what you need to know about Zoom's Vulnerability Impact Scoring System, how it compares to EPSS — and how it can advance your application security.