Blog | ReversingLabs | Threat Research (4)

March 9, 2023

PyPI repo poisoned with "Colour-Blind" RAT

Here are the key takeaways from the Colour-Blind remote access trojan, with insights from supply chain security experts.

February 22, 2023

Developers beware: Imposter HTTP libraries lurk on PyPI

ReversingLabs researchers discovered more than three dozen malicious packages on the PyPI repository that mimic popular HTTP libraries.

February 21, 2023

Core-JS: Beware hidden dependencies from indebted Russian developers

Denis Pushkarev has big debts — and his code is everywhere. The supply chain security alarm should be at DEFCON 2 by now. We sum it up at fast pace.

February 9, 2023

Open-source repository malware sows Havoc

Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.

February 8, 2023

Leaky app gives researcher 'total, global control' over the Toyota supplier network

A researcher discovered a JsonWebToken flaw in a Toyota app that gave access to corporate user accounts, as well as suppliers — and even Toyota parts.

February 2, 2023

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

Russia-affiliated Sandworm is using malware strains to attack entities in Ukraine. Also: A massive Yandex code leak reveals the ranking factors of Russia’s search engines.

January 5, 2023

How to harden machine learning models against adversarial attacks

As attacks become more sophisticated, it is imperative to harden machine learning (ML) models and reduce the adversary’s ability to evade detection.

December 19, 2022

SentinelSneak: Malicious PyPI module poses as security software development kit

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

December 1, 2022

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.

December 1, 2022

ZetaNile: Open source software trojans from North Korea

ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.

November 14, 2022

How to write detailed YARA rules for malware detection

This blog post describes the process of how we write our high-quality YARA rules. Here's an example of writing detailed YARA rules.

September 26, 2022

Gaps in the NVD increase U.S. cyber threat

Discrepancies in national vulnerability database reports show the U.S. lags behind China, possibly exposing U.S. firms to cyber attacks, Sophos finds.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

Threat Research (4)

PyPI repo poisoned with "Colour-Blind" RAT

Developers beware: Imposter HTTP libraries lurk on PyPI

Core-JS: Beware hidden dependencies from indebted Russian developers

Open-source repository malware sows Havoc

Leaky app gives researcher 'total, global control' over the Toyota supplier network

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

How to harden machine learning models against adversarial attacks

SentinelSneak: Malicious PyPI module poses as security software development kit

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

ZetaNile: Open source software trojans from North Korea

How to write detailed YARA rules for malware detection

Gaps in the NVD increase U.S. cyber threat

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Threat Research (4)

Topics

Follow us

Subscribe

Special Reports