See RL’s Joshua Knox break down the Polyfill.io supply chain attack on YouTube.…
Author: Reversinglabs
ReversingLabs researchers have made it a priority to monitor public, open source repositories for malicious packages that may lurk on them in recent years. The number and frequency of malicious …
On Substack, publications run by cybersecurity professionals and journalists with expertise in cybersecurity can help practitioners keep pace with developments in security operations and many other areas of cybersecurity.…
Security teams spend a lot of time chasing software vulnerabilities. The fact is, however, that their time would be better spent combating malware because the payoff is better: faster detection, …
ReversingLabs researchers recently discovered a malicious, open source package: xFileSyncerx on the Python Package Index (PyPI). The package, with close to 300 registered downloads, contained separate malicious “wiper” components. Is …
Cyberthreat intelligence (CTI) can be a powerful weapon for protecting an organization from cyberattack, enabling teams to understand both the threats they face and the tactics, techniques, and procedures of …
In the last few years, there has been a dramatic rise (1300%) in supply chain attacks across multiple public repositories. ReversingLabs’ researchers have been monitoring them daily to detect malicious …
ReversingLabs has identified a new, malicious campaign consisting of seven different open source packages with 19 different versions on the Python Package Index (PyPI), with the oldest package dating back …
ReversingLabs researchers have observed a clear trend in which open-source platforms and code have become the stage for a growing and diverse range of malicious activity and campaigns. This trend …
ReversingLabs researchers have discovered two malicious packages on the npm open source package manager that leverages GitHub to store stolen Base64-encrypted SSH keys lifted from developer systems that installed the …
The use of public services as command-and-control (C2) infrastructure isn’t a revolutionary technique for malicious actors. ReversingLabs has observed such behavior in several malware campaigns throughout the last few years.…
Newly discovered open source software packages on the npm platform contain scripts that broadcast peace messages related to ongoing conflicts in Ukraine and on the Gaza Strip when they are …
ReversingLabs has identified connections between a malicious campaign that was recently discovered and reported by the firm Phylum and several hundred malicious packages published to the NuGet package manager since …
ReversingLabs researchers have identified a new, malicious supply chain attack affecting the npm platform. The “typosquatting” campaign first appeared in August and pushed a malicious package, node-hide-console-windows, which downloaded a …
More than a week after it suffered a crippling ransomware attack, the hotel giant MGM is struggling to recover. The attack, linked to the ransomware-as-a-service (RaaS) group known as ALPHV, …
Security teams are well aware of the growing problem of software supply chain attacks, but it’s essential that organizations stay abreast of the various threats posed to software supply chains.…
In early August, ReversingLabs identified a malicious supply chain campaign that the research team dubbed “VMConnect.” That campaign consisted of two dozen malicious Python packages posted to the Python Package …
ReversingLabs researchers have identified more than a dozen malicious packages on the npm public repository since the beginning of August, including multistage, malicious packages that placed Luna Grabber, an open-source …
ReversingLabs has identified several malicious Python packages on the Python Package Index (PyPI) open source repository. In all, ReversingLabs researchers uncovered 24 malicious packages imitating three, popular open source Python …