ReversingLabs

📣 Get ready 🎊 RL will once again be attending #BHUSA! Visit us at booth 3261 on August 6-7: https://xmrrwallet.com/cmx.pbit.ly/446vhc2 🔎 Stop by to discover the latest about threat intel, threat hunting, software supply chain security & more. 📚 We’ll also be hosting secure coding ⭐ Tanya Janca for RL Book Club, ft. Alice & Bob Learn Secure Coding! Plus, you can snag the best RL swag. Don't miss out! #BlackHat

🗞️ In this week's edition of Chainmail: Software Supply Chain Security News: New supply chain attacks have been spotted in #GitHubActions, Gravity Forms & #npm. Also, what the White House’s new #AIActionPlan means for #SoftwareSupplyChainSecurity.

🚀 We're thrilled to welcome our newest team members at ReversingLabs! We are thankful for their valuable skills & perspectives, which will contribute heavily to our collective success. 👋 Please join us in welcoming Juergen Bemmerl, Vanja Nevajdić, Domagoj Ciković, Marko Blažic, Frithjof Hoffmann & Stefanie Scearcy. #GoTeam #Cybersecurity

🎙️ In honor of #ThrowbackThursday, here's a clip from Tanya Janca's appearance on ConversingLabs Podcast. 🛡️ She discusses her new book, Alice & Bob Learn #SecureCoding, which she'll be presenting on at #BlackHat next week! 📚 Want a free, signed copy of her book? Stop by RL booth 3261 on Aug 6 at 2pm to claim yours & meet Tanya. ⏰ You may want to get there early in case we run out of copies... Learn more: https://xmrrwallet.com/cmx.pbit.ly/446vhc2

Another #HackerSummerCamp is almost here — & if you’re  attending, you want to make the most of it. Here is a shortlist of talks.👇 #BlackHat #BH2025

👀 If you're a #developer, there's no reason why you shouldn't have secure.software bookmarked on your browser. ✅ Spectra Assure Community offers free, comprehensive risk assessments of millions of open-source software (#OSS) packages across npm, PyPI, RubyGems, NuGet - & even extensions on VS Code. 💡 Swipe to learn more about this powerful resource that is helping to reduce software supply chain attacks on these essential platforms. 👇 Comment down below: What do you think of secure.software? #SoftwareEngineer

☀️ Start off #HackerSummerCamp right with this insightful Security BSides Las Vegas session. 👇 🧠 RL director of editorial & content Paul F. Roberts will be presenting alongside fellow #cybersecurity experts Silas Cutler & Stacey Higginbotham. 📡 💻 The panel: #EOL Equipment should not mean End of Life (Your Life). 📍Join them on Aug 5 at 6pm at the #IAmTheCavalry track! #BSidesLV

📣 Great news: If you haven't met Igor Lasic, RL's SVP of Technology, now's your chance! He'll be at Black Hat 2025 next week. 📍Come visit Igor & the rest of the RL team at booth 3261 on August 6-7. Igor is eager to chat with #cybersecurity pros about our powerful threat intelligence, file analysis & software supply chain security solutions. Tap into his wealth of knowledge! See you there & learn more about RL at #BlackHat here: https://xmrrwallet.com/cmx.pbit.ly/446vhc2

📣 We’re proud to announce a new strategic partnership with Vibrint, a trusted provider of mission-critical systems & analysis for the U.S. national security community. 🤝 Together, we’re advancing cyber defense by combining RL’s industry-leading threat intelligence & file analysis with Vibrint’s expertise in high-performance data infrastructure & mission support. This partnership will help federal agencies: ✅ Accelerate threat detection & decision-making ✅ Secure complex, high-volume data environments ✅ Sustain mission advantage across restricted & offline systems 👏 With a team of 100+ cleared technologists & a legacy of excellence across the IC & DoD, Vibrint is uniquely positioned to help government customers harness their data & act confidently. 🔗 Learn more about our work in the public sector: https://xmrrwallet.com/cmx.pbit.ly/3U2Ii09 #Cybersecurity #FederalIT #NationalSecurity

👀 It has been a very busy week in the world of software security. Get up to speed with this week's edition of Chainmail: Software Supply Chain Security News. 👇 🗞️ This week: Here’s what we know so far about the #SharePoint ‘ToolShell’ zero-day & its consequences. Also, #malware was injected into 7 #npm packages after its maintainer’s tokens were stolen.