Syndicated Blog

Differential analysis raises red flags over @lottiefiles/lottie-player

Threat Research
Malware on public repositories is nothing new. For a couple of years now, ReversingLabs threat researchers have been monitoring npm, PyPI and recently VSCode Marketplace, RubyGems and NuGet for potential malware whose ...
Strengthening Supply Chains: ReversingLabs Now Integrates with ServiceNow

Integration Docs
In today’s rapidly evolving digital landscape, ensuring the security of your software supply chain is more critical than ever. At ReversingLabs, we are excited to announce our latest integration with ServiceNow, designed ...
Why shift left alone can't manage your software risk

Application security wouldn’t be what it is today without “shift left,” the concept that security practices should be handled much earlier in the software development lifecycle (SDLC). Shift left brought about new ...
CISA's secure software deployment push: Key takeaways for AppSec teams

In July, a botched software update by CrowdStrike led to millions of Windows systems crashing worldwide, resulting in $10 billion in financial damage, by some estimates. Recent guidance released by the U.S ...
Gauging the Safety Level of Your Software with Spectra Assure

Products & Technology
It’s been a little over a year since we first introduced security levels into Spectra Assure™ with the goal of reducing the remediation burden on developers. It automatically generates a plan for ...
OWASP Top 10 for LLM and new tooling guidance targets GenAI security

New guidance for organizations seeking to protect the generative AI tools they're running has been released by the OWASP Top 10 LLM Applications Security Project ...
AppSec vs. product security: Secure by Design demands a strategy shift

For the Secure by Design initiative of the Cybersecurity and Infrastructure Security Agency (CISA) to really change the security landscape, the scope of traditional application security (AppSec) will need to expand considerably ...
Researcher Alon Leviev on Windows Downgrade Attacks

Downgrade attacks open patched systems to malware

A new report by the former SafeBreach researcher Alon Leviev is raising alarms about the risks posed by downgrade attacks on Microsoft Windows. In a blog post, Leviev, who now works for ...
Spectra Assure Malware Detection in ML and LLM Models

Products & Technology
Machine learning (ML) models are transforming industries—from personalized recommendations to autonomous driving and healthcare diagnostics. As businesses increasingly rely on ML models to automate complex tasks and make data-driven decisions, the need ...