Robuta

https://www.reversinglabs.com/blog/npm-security-shai-hulud
While 2FA and trusted publishing will help, you need tools that give visibility into how packages behave — not just who is publishing.
npm securitynewmeasuresstopnext
https://www.reversinglabs.com/energy-utilities-cybersecurity
Enable energy and utility organizations to contend with disruptive cybersecurity threats like ransomware and supply chain vulnerabilities.
critical infrastructureenergyutilitycybersecurityprotect
https://www.reversinglabs.com/blog/fake-recruiter-campaign-crypto-devs
Feb 12, 2026 - A new branch of a well-coordinated fake job recruitment campaign is targeting JavaScript and Python developers via social channels.
fakerecruitercampaigntargetscrypto
https://www.reversinglabs.com/blog/faq-shai-hulud-explained
Here's what you need to know about the discovery of the first self-replicating npm worm, which compromised packages with cloud token-stealing malware.
faqshainpmwormattack
https://www.reversinglabs.com/news/the-energy-pipeline-sasa-zdjelar
In this conversation, Saša Zdjelar, Chief Trust Officer at ReversingLabs and former ExxonMobil executive, discusses his extensive experience in cybersecurity,...
software supply chainenergypipelinepodcastsecurity
https://www.reversinglabs.com/manifest-report
New research shows the shortcomings of manifests as a tool for generating SBOMs and their inability to represent the contents of a fully compiled binary.
manifestmisconceptionsgapsscabased
https://www.reversinglabs.com/
Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions
software supply chainthreat intelligencesecurityreversinglabs
https://www.reversinglabs.com/oem-partners
Build antimalware and threat intel into your solutions with ReversingLabs SDKs. Get the industry-leading TI and threat analysis.
security solutionstechnology partnersoemreversinglabs
https://bsky.app/profile/reversinglabs.com
ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.
reversinglabscombluesky
https://www.reversinglabs.com/news/cyberscoop-the-dual-reality-of-ai-augmented-development-innovation-and-risk
AI coding is a big security problem when most security teams are still relying on tools designed for a world where human-written code remains prevalent.
cyberscoopdualrealityaiaugmented
https://www.reversinglabs.com/blog/mitre-attck-v18-whats-in-it--and-why-it-matters
Learn what’s been added to the ATT&CK framework — and how you can best operationalize it to advance your organization’s threat detection and response.
mitreatt&ck
https://www.reversinglabs.com/blog/powershell-gallery-simplify-sscs-attacks
The automation tool's Install-Module command presents threat actors with one key link in the kill chain of a possible attack.
supply chain attackspowershellgalleryreversinglabs
https://www.reversinglabs.com/customers
Explore ReversingLabs' case studies to see how our advanced threat intelligence and software supply chain security solutions protect organizations...
case studiesreversinglabs
https://www.reversinglabs.com/news/information-security-buzz-commercial-softwares-seven-deadly-sins
At ReversingLabs, we’ve identified seven critical risks that plague commercial software, or what we call Commercial Software’s Seven Deadly Sins.
seven deadly sinsinformation securitybuzzcommercialreversinglabs
https://www.reversinglabs.com/blog/ai-vulnerability-reporting-fails
Google and others are inundating development teams with AI-powered reporting. Are AI-enabled fixes the answer? 
vulnerability reportingaiossreversinglabs
https://www.reversinglabs.com/software-package-deconstruction-series
Join ReversingLabs as we deconstruct and analyze software packages using the most advanced software supply chain tools available.
softwarepackagedeconstructionseriesreversinglabs
https://www.reversinglabs.com/high-tech-cybersecurity
Protect High Tech organizations from ransomware, breaches, malware and threats with proactive cybersecurity solutions.
high techcybersecurityreversinglabs
https://www.reversinglabs.com/blog/shai-hulud-worm-npm
RL researchers detected the first self-replicating worm that compromised npm packages with cloud token-stealing malware. Here's what you need to know.
supply chain attackshainpmneed
https://www.reversinglabs.com/blog/ctem-advances-vulnerability-management
The Continuous Threat Exposure Management model represents an evolution from CVSS. Here’s what you need to know.
vulnerability managementgartnerctemadvancesreversinglabs
https://www.reversinglabs.com/healthcare-cybersecurity
Protect healthcare devices, patient data, and critical systems from ransomware, breaches, and cyber threats with proactive cybersecurity solutions.
healthcare cybersecuritypatient dataprotectdevices
https://www.reversinglabs.com/products/software-supply-chain-security-virtual-tour-safe
Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions
virtual tourspectraassurereversinglabs
https://www.reversinglabs.com/blog/bootstrap-script-exposes-pypi-to-domain-takeover-attack
Proving the road to takeover is paved with setuptools alternatives, the script for a popular Python package for building and installing PyPI packages leaves...
bootstrapscriptexposespypidomain
https://www.reversinglabs.com/products/software-supply-chain-security
Spectra Assure for software supply chain security provides enterprise software developers with early and actionable feedback on risks like malware, tampering,...
software supply chainsecurityspectraassurereversinglabs
https://www.reversinglabs.com/blog/owasp-top-10-supply-chain-risk
The Open Worldwide Application Security Project’s widely used AppSec priority list is expanding to cover systemic risk to software security.
software supply chainowasptoptakesrisk
https://www.reversinglabs.com/conversinglabs
Check out ConversingLabs: a live and on-demand podcast series about threats, detection, and cyber defense.
podcastreversinglabs
https://www.reversinglabs.com/blog/ai-coding-velocity-risk
AI is producing code up to four times faster — but with 10 times more AppSec lapses. Here’s what you need to know.
airampingcodingvelocityrisk
https://www.reversinglabs.com/public-sector-cybersecurity
Protect public sector organizations from ransomware, breaches, and cyber threats with proactive cybersecurity solutions.
public sectormission criticalcybersecurityprotectsystems
https://www.reversinglabs.com/gartner-market-guide-to-software-supply-chain-security
See what product and application security teams need to know to protect against software supply chain compromises.
software supply chainmarket guidesecurityreversinglabs
https://www.reversinglabs.com/resources/subscribe-to-our-newsletter
Subscribe to ReversingLabs’ weekly newsletter for curated security news, expert analysis, and actionable insights on software supply chain security,...
expert insightsreversinglabsweeklycybersecuritynewsletter
https://www.reversinglabs.com/news/techradar-new-attacks-exploit-vscode-extensions-and-npm-packages
Developers targeted by malicious Microsoft VSCode extensions
npm packagestechradarnewattacksexploit
https://www.reversinglabs.com/blog/ai-security-tool-key-exposures
Risk Rubric provides assessments for LLM transparency, reliability, security and more. But it’s only one tool in a comprehensive security tool box.
ai securitynewtoollayskey
https://www.reversinglabs.com/products
Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions
productsreversinglabs
https://docs.secure.software/policies/threat-hunting/TH15502
reversinglabsspectraassuredocumentation
https://www.reversinglabs.com/webinar/spectra-assure-for-software-supply-chain-security-product-demo
Get a look at what Spectra Assure can do to secure the software supply chain for both software producers and procurement teams.
product demospectraassurereversinglabs
https://www.reversinglabs.com/resources/the-buyers-guide-to-software-supply-chain-security
Modernize your AppSec for the new era of software supply chain security: A Guide for Software Producers & Buyers
software supply chainguidesecurityreversinglabs
https://www.reversinglabs.com/news/reversinglabs-ceo-provides-insights-into-dnc-hacks
Multi-layered payloads can yield clues to hacker identity and intentions when successfully unpacked and analyzed.
reversinglabsceoprovidesinsightsdnc
https://www.reversinglabs.com/blog/software-quality-collapse-ai-accelerate
Development is in freefall toward software entropy and insecurity. Can spec-driven development help?
software qualitycollapseaiacceleratingdecline
https://www.reversinglabs.com/blog/author/ericka-chickowski
Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions
reversinglabs
https://www.reversinglabs.com/blog/yara-rules-macos-malware-hunting
With a constantly evolving OSX malware domain, it is important to write clear, specific, and accurate YARA rules. Here's how.
macos malwareevaluatingyararuleshunting
https://www.reversinglabs.com/blog/vet-powershell-modules-spectra-assure-community
PowerShell's broad use and open access make it an attractive target for supply chain attacks. Here's how Spectra Assure Community can help.
vetpowershellmodulesspectraassure
https://www.reversinglabs.com/blog/vibe-coding-controls-critical
Vibe coding is not going away — and the threat is real. But are developer tools like VibeSec that shift controls left up to the job?
security controlsvibe codingcorecriticalreversinglabs