Live Breaking News & Updates on Reversinglabs Blog

The State of Software Supply Chain Security 2024: Key takeaways

Software supply chain attacks are now mainstream events, a change in tactics by cyber-attackers that you can measure in headlines, which in recent years have delivered news about attacks on popular software tools including MOVEit, 3CX, and CircleCI.  ....

Carolynn Van Arsdale, Security Bloggers Network, Reversinglab State Of Software Supply Chain Security, Progressive Software Moveit, Software Supply Chain Security, Lab State, Python Package Index, Operation Brainleeches, Hugging Face, Progressive Software, Reversinglabs Blog

Typosquatting campaign delivers r77 rootkit via npm

ReversingLabs researchers have identified a new, malicious supply chain attack affecting the npm platform. The “typosquatting” campaign first appeared in August and pushed a malicious package, node-hide-console-windows, which downloaded a Discord bot that facilitated the planting of an open source rootkit, r77. This is the first time ReversingLabs researchers have discovered a malicious open source package delivering rootkit functionality, and suggests that open source projects may increasingly be seen as an avenue by which to distribute malware.  ....

Lucija Valenti, Reversinglabs Software Supply Chain Security, Security Bloggers Network, Rl Software Supply Chain Security, Software Supply Chain Security, Discord Remote Administration Tool, Supply Chain Security, Remote Administration, Luna Grabber, Windows Defender, Visual Studio Code, Reversinglabs Blog

The Week in Security: PyPI hit by 'Lolip0p' info-stealing attack, ransomware targets ship fleet

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: A new software supply chain attack has been discovered on PyPI. Also: A ransomware attack on ship management software affects 1,000 vessels. ....

Carolynn Van Arsdale, Security Bloggers Network, Palo Alto Networks Unit, Strong Con, Python Package Index, Security Week, Hacker News, Alto Networks Unit, Reversinglabs Blog

The Week in Security: Software supply chain attack mines diamond industry, npm security boosted

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: An Iranian APT group carried out a data wiping software supply chain attack globally. Also: GitHub has introduced new security features for its npm repository.  ....

South Africa, Hong Kong, Carolynn Van Arsdale, Security Bloggers Network, Infrastructure Security Agency, Palo Alto Network Unit, It Army Of Ukraine, Security Affairs, Hacker News, While Apostle, Github Blog, Tech Crunch, Advanced Data Protection, Google Android, Internet Security, Cobalt Strike, Dark Reading, Google Chrome, Known Exploited Vulnerabilities, Reversinglabs Blog

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Days after researchers for Phylum and Checkmarx revealed an ongoing software supply chain attack spreading the W4SP Stealer malware through malicious packages on the Python Package Index (PyPI), ReversingLabs researchers discovered 10 additional PyPI packages pushing modified versions of W4SP that were overlooked. ....

Karlo Zanki, Security Bloggers Network, Python Package Index, Cloudflare Tunnel, Cargo Tunnel, Reversinglabs Titanium Platform, Reversinglabs Blog