Reversing Labs

Bitcoin cryptocurrency

Malicious Python Packages Target Crypto Wallet Recovery Passwords

A newly discovered campaign pushing malicious open source software packages is designed to steal mnemonic phrases used to recover lost or destroyed crypto wallets, according to a report by ReversingLabs.

Sign highlighting DEF CON villages

Is a DEF CON Village the right way to assess AI risk?

The AI industry is pointing to the AI Village at DEF CON as a venue for assessing cybersecurity risk. But is a “village” the best way to test AI risk? Experts have their doubts.

npm logo. Photo by RealToughCandy.com

Researcher: malicious packages lurked on npm for months

Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.

guy_with_bullhorn

The surveys speak: supply chain threats are freaking people out

A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.

oil slick cleanup

Episode 232: Log4j Won’t Go Away (And What To Do About It.)

In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses.