logo

ReversingLabs Blog

ID: d727393e-7c81-5f2f-8605-9e9ed7523338

STIX ID: identity--d727393e-7c81-5f2f-8605-9e9ed7523338

Feed Type: rss

Earliest post: 2023-09-12

Latest post: 2026-05-28

In-depth malware analysis, threat research, file intelligence insights, and expert breakdowns of emerging threats from the ReversingLabs team.

01/01/2020
05/29/2026
Title Date Published Describes IncidentAuthorVisible
Forrester Names RL in Agentic Development Security Market2026-05-28TrueJasmine NoelTrue
Researcher's Notebook: Hunting Megalodon Fossils2026-05-26TrueRobert SimmonsTrue
Dependency attack takes down ed-tech platform at scale2026-05-26TrueEricka ChickowskiTrue
GitHub breach: The development ecosystem is in the hot seat2026-05-22TrueJohn P. Mello Jr.True
Parental Control Flaw Allows Google Account Hacks2026-05-19TrueZaria VuksanTrue
Shai-Hulud code drop: It’s open season2026-05-15TrueJaikumar VijayanTrue
Mini Shai-Hulud tears at OSS trust2026-05-12TruePaul RobertsTrue
How Dirty Frag rose from the Copy Fail exploit 2026-05-12TrueIgor LasicTrue
Selective NVD enrichment: Why it matters2026-05-07TrueJohn P. Mello Jr.True
Spectra Analyze in Action: Retrohunting Bots2026-05-06TrueZaria VuksanTrue
'Copy Fail' Flaw: 5 YARA Rules for Detection2026-05-01TrueMaik MorgensternTrue
Claude adds malware to crypto agent2026-04-29TrueVladimir PezoTrue
MCP rug-pull attack worries mount2026-04-29TrueJohn P. Mello Jr.True
LLMmap puts its finger on ML attacks2026-04-22TrueJohn P. Mello Jr.True
QR Code Phishing Evolves: How to Keep Up2026-04-21TrueIgor LasicTrue
Vibeware: More than bad vibes for AppSec2026-04-16TrueJohn P. Mello Jr.True
Graphalgo fake recruiter campaign returns2026-04-09TrueKarlo ZankiTrue
Claude Mythos: Get your AppSec game on2026-04-08TrueEricka ChickowskiTrue
28 application security stats that matter2026-04-07TrueJaikumar VijayanTrue
Axios: How AppSec teams should respond2026-04-02TruePaul RobertsTrue
ClickFix: YARA Rules Catch What AV Misses2026-04-02TrueToni DujmovićTrue
GenAI Security Project ramps up guidance2026-03-31TrueJohn P. Mello Jr.True
AppSec as attacker: Inside Trivy–LiteLLM 2026-03-27TrueIgor LasicTrue
The TeamPCP supply chain attack evolves2026-03-27TruePaul RobertsTrue
How AI agents can weaponize IDEs2026-03-25TrueJohn P. Mello Jr.True
Fake install logs in npm packages load RAT2026-03-24TrueLucija ValentićTrue
OpenClaw lesson: AI agents are a black hole2026-03-18TrueEricka ChickowskiTrue
How to Examine Polyglot Files with Spectra Analyze2026-03-17TrueJosh MorinTrue
OpenClaw and AI risk: 3 AppSec lessons2026-03-10TrueEricka ChickowskiTrue
Inside the NuGet hackers' toolset2026-02-26TruePetar KirhmajerTrue
Malicious NuGet package targets Stripe2026-02-25TruePetar KirhmajerTrue
How to Use YARA Retrohunting for Defense2026-02-18TrueAshlee BengeTrue
Inside the fake crypto developer recruitment hack2026-02-12TrueLucija ValentićTrue
Fake recruiter campaign targets crypto devs2026-02-11TrueKarlo ZankiTrue
Notepad++ hack: Supply chain threats evolve2026-02-05TruePaul RobertsTrue
Lab offers 9 ways to improve MCP security2026-02-04TrueJohn P. Mello Jr.True
RL SSCS Report: A 2025 retrospective2026-02-03TrueCarolynn van ArsdaleTrue
Inside the EmEditor supply chain compromise2026-01-29TrueRobert SimmonsTrue
RL SSCS Report 2026: 5 key takeaways2026-01-27TrueCarolynn van ArsdaleTrue
Shai-hulud is a call to action on AppSec2026-01-14TrueJaikumar VijayanTrue
Adversarial AI is on the rise: What you need to know2026-01-13TrueJohn P. Mello Jr.True
Unpacking the packer ‘pkr_mtsi’2026-01-06TrueRobert SimmonsTrue
NuGet malware targets Nethereum tools2025-12-17TruePetar KirhmajerTrue
VS Code extensions contain trojan-laden image2025-12-10TruePetar KirhmajerTrue
New Shai-hulud worm spreads: What to know2025-12-09TrueTomislav PeričinTrue
Bootstrap script exposes PyPI to domain takeover attacks2025-11-26TrueVladimir PezoTrue
AI vulnerability reporting fails maintainers2025-11-12TruePaul RobertsTrue
Evaluating YARA Rules for macOS Malware Hunting2025-11-05TrueDia BrarTrue
Tracking an evolving Discord-based RAT family2025-10-29TrueRobert SimmonsTrue
Will npm's new security steps stop attacks?2025-10-28TrueJaikumar VijayanTrue

1–50 of 124

Built by the dogesec team. Copyright 2026.