Blog | ReversingLabs | The Week in Security (3)

February 23, 2023

The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm

A misconfiguration likely caused a U.S. government server to leak sensitive military emails, and a massive phishing spam campaign has taken over npm.

February 16, 2023

The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess

This week: Russian-linked PIPEDREAM malware targeted critical infrastructure. Also: 400 malicious packages found on PyPI demonstrates attacker prowess.

February 9, 2023

The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce

CISA is working to operationalize cyber supply chain risk management. Also: a GuLoader malware campaign is targeting the global e-commerce industry.

February 2, 2023

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

Russia-affiliated Sandworm is using malware strains to attack entities in Ukraine. Also: A massive Yandex code leak reveals the ranking factors of Russia’s search engines.

January 26, 2023

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.

January 19, 2023

The Week in Security: PyPI hit by ‘Lolip0p’ info-stealing attack, ransomware targets ship fleet

This week: A new software supply chain attack has been discovered on PyPI. Also: A ransomware attack on ship management software impacts 1000 vessels.

January 12, 2023

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

This week: Trojan Puzzle attack shows how AI can be trained for malicious purposes. Also: ChatGPT is enabling script kiddies to write functional malware.

January 5, 2023

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.

December 22, 2022

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

Okta is hit with another supply chain attack. Also, ReversingLabs discovered a malicious PyPI package posing as a SentinelOne SDK client.

December 15, 2022

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

This week: Twelve malware wipers have been discovered in 2022. Also: The Cuba ransomware gang abused Microsoft certificates to sign malware.

December 1, 2022

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

This week: Another open-source platform is being used by cybercriminals. Also: the Black Basta ransomware gang takes credit for the attack on Maple Leaf Foods.

November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

The Week in Security (3)

The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm

The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess

The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

The Week in Security: PyPI hit by ‘Lolip0p’ info-stealing attack, ransomware targets ship fleet

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

The Week in Security (3)

Topics

Follow us

Subscribe

Special Reports