ReversingLabs
@reversinglabs.com
ReversingLabs is the trusted name in file and software security.
RL - Trust Delivered.
RL - Trust Delivered.
🤖 As cyber attacks become #AI-optimized & internal AI use rises, enterprises are scrambling to secure files. Here's why your org needs to modernize its #FileSecurity: www.reversinglabs.com/blog/ai-file... #Cybersecurity
AI is upending file security. Here’s how to fight back | ReversingLabs
As attacks become AI-optimized and internal AI use rises, enterprises are scrambling to secure files. Here’s how to modernize your security strategy.
www.reversinglabs.com
December 24, 2025 at 6:58 PM
🤖 As cyber attacks become #AI-optimized & internal AI use rises, enterprises are scrambling to secure files. Here's why your org needs to modernize its #FileSecurity: www.reversinglabs.com/blog/ai-file... #Cybersecurity
🤖 @owasp.org has released a top 10 list of security risks for #AgenticAI, an AI testing guide, & an #AI vulnerability assessment tool. Here's what you need to know regarding the new #AISecurity efforts: https://bit.ly/4qfBxGo
OWASP tackles AI risk in bold new push | ReversingLabs
The Open Worldwide Application Security Project now includes an Agentic Top 10, an AI testing guide, and an AI vulnerability scoring tool.
bit.ly
December 18, 2025 at 5:06 PM
🤖 @owasp.org has released a top 10 list of security risks for #AgenticAI, an AI testing guide, & an #AI vulnerability assessment tool. Here's what you need to know regarding the new #AISecurity efforts: https://bit.ly/4qfBxGo
🪱 @forbes.com spoke with RL co-founder & CSA Tomislav Peričin about the 2nd wave of the malicious Shai-hulud worm that hit #npm: https://bit.ly/4pHZoyC
Microsoft Worm Attack Warning -- Act Rapidly And Change Passwords Now
Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.
bit.ly
December 17, 2025 at 6:09 PM
🪱 @forbes.com spoke with RL co-founder & CSA Tomislav Peričin about the 2nd wave of the malicious Shai-hulud worm that hit #npm: https://bit.ly/4pHZoyC
⚠️ RL researchers have discovered 14 malicious #NuGet packages that impersonate #crypto-related tools. Each delivers #malware that steals either wallet info, crypto-funds, or Google Ads OAuth credentials: https://bit.ly/4pILLiV
NuGet malware targets crypto wallets, OAuth tokens | ReversingLabs
Highlighting an alarming trend, RL has discovered malicious packages that impersonate Nethereum -- but copy functionality to enable attacks.
bit.ly
December 17, 2025 at 3:09 PM
⚠️ RL researchers have discovered 14 malicious #NuGet packages that impersonate #crypto-related tools. Each delivers #malware that steals either wallet info, crypto-funds, or Google Ads OAuth credentials: https://bit.ly/4pILLiV
Pairing RL Spectra Assure for #SoftwareSupplyChainSecurity with an #EDR solution like #CrowdStrike Falcon offers robust third-party software risk management.👇 https://bit.ly/48GeONR
Leveraging Spectra Assure and EDR to Mitigate Third-Party Software Risk | ReversingLabs
Here's how to create a compensating control in Crowdstrike to mitigate specific risks in a commercial software package.
bit.ly
December 16, 2025 at 7:45 PM
Pairing RL Spectra Assure for #SoftwareSupplyChainSecurity with an #EDR solution like #CrowdStrike Falcon offers robust third-party software risk management.👇 https://bit.ly/48GeONR
📣 RL has won the 2025 Intellyx Digital Innovator Award! We are so appreciative. #Cybersecurity
December 16, 2025 at 6:38 PM
📣 RL has won the 2025 Intellyx Digital Innovator Award! We are so appreciative. #Cybersecurity
Reposted by ReversingLabs
@invisig0th.bsky.social underscores why security frameworks are a starting point, not a finish line. Strong supply-chain security is in the execution. Read more from @reversinglabs.com: www.reversinglabs.com/blog/securit...
Security frameworks fail on software supply chain risk | ReversingLabs
Researchers studied how well the top frameworks mitigate modern attack techniques. They found serious security gaps.
www.reversinglabs.com
December 12, 2025 at 5:04 PM
@invisig0th.bsky.social underscores why security frameworks are a starting point, not a finish line. Strong supply-chain security is in the execution. Read more from @reversinglabs.com: www.reversinglabs.com/blog/securit...
🪖 RL chief trust officer Sasa Zdjelar reflects on the new #SBOM requirements coming for the U.S. military’s use of #AI: https://bit.ly/3MxUZzE
NDAA puts AI cyber risk in the crosshairs | ReversingLabs
What does the future of AI security look like? The latest National Defense Authorization Act gives us a glimpse.
bit.ly
December 11, 2025 at 9:05 PM
🪖 RL chief trust officer Sasa Zdjelar reflects on the new #SBOM requirements coming for the U.S. military’s use of #AI: https://bit.ly/3MxUZzE
🔎 #VirusTotal isn't the only option for your #ThreatIntel needs. As a matter of fact, there's an even better #VirusTotalAlternative out there: Us. See why: https://bit.ly/3MkWQb5
On Demand: Beyond VirusTotal: Modern Threat Intel with RL | ReversingLabs
Discover why teams are switching from VirusTotal to ReversingLabs for flexible, cost-effective threat intel--without paying for what they don't need.
bit.ly
December 10, 2025 at 6:09 PM
🔎 #VirusTotal isn't the only option for your #ThreatIntel needs. As a matter of fact, there's an even better #VirusTotalAlternative out there: Us. See why: https://bit.ly/3MkWQb5
Further details about this malicious campaign on #VSCode are now available at RL Blog: www.reversinglabs.com/blog/malicio...
#Dev #DevSecOps #Cybersecurity
#Dev #DevSecOps #Cybersecurity
December 10, 2025 at 4:06 PM
Further details about this malicious campaign on #VSCode are now available at RL Blog: www.reversinglabs.com/blog/malicio...
#Dev #DevSecOps #Cybersecurity
#Dev #DevSecOps #Cybersecurity
🛡️ #AI is poised to reshape the #SOC, from alleviating alert fatigue to streamlining manual workflows: https://bit.ly/3KwXl1d
#Cybersecurity #SecOps
#Cybersecurity #SecOps
5 ways AI will transform Security Operations Centers | ReversingLabs
AI is poised to reshape SOCs, from alleviating alert fatigue to streamlining manual, repetitive workflows. Here's what to expect.
bit.ly
December 9, 2025 at 6:40 PM
🛡️ #AI is poised to reshape the #SOC, from alleviating alert fatigue to streamlining manual workflows: https://bit.ly/3KwXl1d
#Cybersecurity #SecOps
#Cybersecurity #SecOps
📆 Happening in 1 week: A live roundup of 2025's #SoftwareSupplyChain breaches. Register: https://bit.ly/4iLpa2t
#DevSecOps #Dev #Cybersecurity
#DevSecOps #Dev #Cybersecurity
December 9, 2025 at 4:39 PM
📆 Happening in 1 week: A live roundup of 2025's #SoftwareSupplyChain breaches. Register: https://bit.ly/4iLpa2t
#DevSecOps #Dev #Cybersecurity
#DevSecOps #Dev #Cybersecurity
This Friday, we'll break down how to build a custom #ThreatIntel feed that reduces noise, improves data quality, & supports #AI-driven #SecOps: https://bit.ly/48jBXWb
December 8, 2025 at 6:14 PM
This Friday, we'll break down how to build a custom #ThreatIntel feed that reduces noise, improves data quality, & supports #AI-driven #SecOps: https://bit.ly/48jBXWb
📣 RL has just pushed out an update to detect the #React2Shell vulnerability. It has a CVSS score of 10, & it’s a pre-authentication vuln that allows RCE in web apps using a specific version of the extremely popular #React framework. #Dev #AppSec
December 5, 2025 at 5:59 PM
📣 RL has just pushed out an update to detect the #React2Shell vulnerability. It has a CVSS score of 10, & it’s a pre-authentication vuln that allows RCE in web apps using a specific version of the extremely popular #React framework. #Dev #AppSec
⛓️💥 Can frameworks stop software supply chain attacks? We ask this in the latest episode of ConversingLabs #podcast: https://bit.ly/3MferkI
#Cybersecurity #SoftwareSupplyChainSecurity #GRC
#Cybersecurity #SoftwareSupplyChainSecurity #GRC
Can Frameworks Stop Supply Chain Attacks? | ReversingLabs
Professor Laurie Williams and Ph.D. student Sivana Hamer of NC State discuss the effectiveness of software supply chain security frameworks.
bit.ly
December 4, 2025 at 4:12 PM
⛓️💥 Can frameworks stop software supply chain attacks? We ask this in the latest episode of ConversingLabs #podcast: https://bit.ly/3MferkI
#Cybersecurity #SoftwareSupplyChainSecurity #GRC
#Cybersecurity #SoftwareSupplyChainSecurity #GRC
A new guide on #threatmodeling for the cloud in the era of AI has been released by the CSA. It calls out that existing security practices aren't cutting it for the new era: https://bit.ly/447HlJD
#AISecurity #CloudSecurity #SoftwareSupplyChainSecurity
#AISecurity #CloudSecurity #SoftwareSupplyChainSecurity
Why AI and cloud-native are security game-changers | ReversingLabs
Existing security practices weren't designed to tackle today's risks, CSA notes in new guide -- making updating tooling essential.
bit.ly
December 3, 2025 at 4:53 PM
A new guide on #threatmodeling for the cloud in the era of AI has been released by the CSA. It calls out that existing security practices aren't cutting it for the new era: https://bit.ly/447HlJD
#AISecurity #CloudSecurity #SoftwareSupplyChainSecurity
#AISecurity #CloudSecurity #SoftwareSupplyChainSecurity
🚨 AI has redefined software risk — shaping how both attackers & defenders operate. Register now to get the breakdown on these shifting dynamics: https://bit.ly/4oqSV9T
#AISecurity #SoftwareSupplyChainSecurity #AppSec
#AISecurity #SoftwareSupplyChainSecurity #AppSec
December 3, 2025 at 3:50 PM
🚨 AI has redefined software risk — shaping how both attackers & defenders operate. Register now to get the breakdown on these shifting dynamics: https://bit.ly/4oqSV9T
#AISecurity #SoftwareSupplyChainSecurity #AppSec
#AISecurity #SoftwareSupplyChainSecurity #AppSec
RL researchers have found 19 #VSCode extensions belonging to a campaign that's been running since February 2025 containing hidden malware masquerading as a picture:
secure.software/vscode/packa...
secure.software/vscode/packa...
bashling Theme Remake - Visual Studio Code | ReversingLabs Spectra Assure Community
Supply chain risk analysis for bashling Theme Remake. Learn more about package security, deployment risks, vulnerabilities, popularity, versions, and more with ReversingLabs.
secure.software
December 2, 2025 at 9:03 PM
RL researchers have found 19 #VSCode extensions belonging to a campaign that's been running since February 2025 containing hidden malware masquerading as a picture:
secure.software/vscode/packa...
secure.software/vscode/packa...
🎉 ConversingLabs #Podcast has been featured in FeedSpot's list of 10 best #IncidentResponse podcasts! The show features some of the best experts in #cybersecurity. 🎧 Listen wherever you get your podcasts: https://bit.ly/443uzMd
December 2, 2025 at 6:18 PM
🎉 ConversingLabs #Podcast has been featured in FeedSpot's list of 10 best #IncidentResponse podcasts! The show features some of the best experts in #cybersecurity. 🎧 Listen wherever you get your podcasts: https://bit.ly/443uzMd
🔎 ICYMI: The newly-released ReversingLabs Browser Extension empowers customers to operationalize the RL #threatintelligence cloud in new & powerful ways 👉 https://bit.ly/4iu5Xlw
#threathunting #SOC
#threathunting #SOC
ReversingLabs Threat Intelligence: Context Changes Everything | ReversingLabs
Eliminate guesswork with the ReversingLabs Browser Extension, which operationalizes RL threat intelligence cloud in new and powerful ways.
bit.ly
December 2, 2025 at 4:40 PM
🔎 ICYMI: The newly-released ReversingLabs Browser Extension empowers customers to operationalize the RL #threatintelligence cloud in new & powerful ways 👉 https://bit.ly/4iu5Xlw
#threathunting #SOC
#threathunting #SOC
⚠️ RL researchers have discovered vulnerable code in legacy #Python packages that could make possible an attack on #PyPI via a domain compromise: https://bit.ly/48jatP4
Bootstrap script exposes PyPI to domain takeover attacks | ReversingLabs
Proving the road to takeover is paved with setuptools alternatives, the script for a popular Python package for building and installing PyPI packages leaves them vulnerable.
bit.ly
November 26, 2025 at 3:48 PM
⚠️ RL researchers have discovered vulnerable code in legacy #Python packages that could make possible an attack on #PyPI via a domain compromise: https://bit.ly/48jatP4
👀 Blog with full details & more updates can be found here: t.co/YP35k2Mweq
#npm #OSS #SoftwareSupplyChainSecurity
#npm #OSS #SoftwareSupplyChainSecurity
November 24, 2025 at 7:16 PM
👀 Blog with full details & more updates can be found here: t.co/YP35k2Mweq
#npm #OSS #SoftwareSupplyChainSecurity
#npm #OSS #SoftwareSupplyChainSecurity
⚠️ RL automated threat detection system has flagged a new wave of Shai-hulud #npm packages. Look out for RL's TH15502 policy violation on secure.software. The campaign affects popular [@]asyncapi packages with millions of downloads. Example: secure.software/npm/packages...
#Dev #Cybersecurity
#Dev #Cybersecurity
@asyncapi/specs@6.8.3 - npm | ReversingLabs Spectra Assure Community
Supply chain risk analysis for @asyncapi/specs@6.8.3. Learn more about package security, deployment risks, vulnerabilities, popularity, versions, and more with ReversingLabs.
secure.software
November 24, 2025 at 3:24 PM
⚠️ RL automated threat detection system has flagged a new wave of Shai-hulud #npm packages. Look out for RL's TH15502 policy violation on secure.software. The campaign affects popular [@]asyncapi packages with millions of downloads. Example: secure.software/npm/packages...
#Dev #Cybersecurity
#Dev #Cybersecurity
🚩 RL researchers have discovered a new malicious #VSCode extension that uses an interesting technique to execute the malicious code: secure.software/vscode/packa...
vscodepython - Visual Studio Code | ReversingLabs Spectra Assure Community
Supply chain risk analysis for vscodepython. Learn more about package security, deployment risks, vulnerabilities, popularity, versions, and more with ReversingLabs.
secure.software
November 21, 2025 at 5:08 PM
🚩 RL researchers have discovered a new malicious #VSCode extension that uses an interesting technique to execute the malicious code: secure.software/vscode/packa...
@owasp.org has proposed an update to its Top 10 list, which serves as a global standard for #AppSec. Here's what experts are saying about it: https://bit.ly/4iasFPq
#SoftwareSupplyChainSecurity #DevSecOps
#SoftwareSupplyChainSecurity #DevSecOps
OWASP Top 10 takes on software supply chain risk | ReversingLabs
The Open Worldwide Application Security Project's widely used AppSec priority list is expanding to cover systemic risk to software security.
bit.ly
November 20, 2025 at 9:11 PM
@owasp.org has proposed an update to its Top 10 list, which serves as a global standard for #AppSec. Here's what experts are saying about it: https://bit.ly/4iasFPq
#SoftwareSupplyChainSecurity #DevSecOps
#SoftwareSupplyChainSecurity #DevSecOps