Blog | ReversingLabs | AppSec & Supply Chain Security (16)

April 24, 2023

Package names repurposed to push malware on PyPI

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.

April 24, 2023

What traditional app sec tools miss: The monsters in your software supply chain

Matt Rose will present at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are key highlights.

April 21, 2023

The 3CX supply chain attack gets wilder, marks first 'cascading software supply chain compromise'

The surprising story of the supply chain hack of VoIP provider 3CX got even crazier this week. Here's what your application security need to know.

April 20, 2023

Companies scramble to cover software supply chain security gaps: 3 key survey takeaways

The new ReversingLabs Software Supply Chain Risk Survey found that supply chain security poses serious risk that traditional app sec tools can't address.

April 20, 2023

The Week in Security: 3CX attack caused by earlier supply chain hack, malware in Google Play

This week: One software supply chain attack caused another, making it a first for the industry. Also: Malware spreads via apps in the Google Play Store.

April 19, 2023

Secrets Exposed: The why, the how – and what to do about – secrets security

Secrets are increasingly exposed in code, creating a field-day for malicious actors. Here are key takeaways from our Secrets Exposed special report.

April 19, 2023

What’s hot at RSA Conference 2023: 8 must-see software supply chain security talks

Software supply chain security is taking center-stage at RSAC 2023. Here are the talks you don't want to miss.

April 13, 2023

The Week in Security: 3CX attackers identified as North Korean, CISA pushes Secure by Design

The attackers behind the 3CX software supply chain attack have been identified as North Korean. Also: CISA aims to shift the cybersecurity burden to tech.