A newly discovered campaign pushing malicious open source software packages is designed to steal mnemonic phrases used to recover lost or destroyed crypto wallets, according to a report by ReversingLabs.
Reversing Labs
Is a DEF CON Village the right way to assess AI risk?
The AI industry is pointing to the AI Village at DEF CON as a venue for assessing cybersecurity risk. But is a “village” the best way to test AI risk? Experts have their doubts.
Researcher: malicious packages lurked on npm for months
Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.
The surveys speak: supply chain threats are freaking people out
A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.
Episode 232: Log4j Won’t Go Away (And What To Do About It.)
In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses.