ReversingLabs

Our platform provides customers with a comprehensive solution for software supply chain security and malware analysis. It brings together teams from software development, IT, and security operations into a single, cohesive environment.

National

English

Blog

Outlet metrics

Domain Authority

Ranking

Global

#582937

United States

#263596

Computers Electronics and Technology/Computer Security

#803

Traffic sources

Monthly visitors

Articles

Boost VM security: 8 key strategies

2 weeks ago | reversinglabs.com | John Mello

Virtual machines (VMs) have become ubiquitous in the enterprise by offering flexibility, scalability, and cost savings. But widespread adoption has outpaced traditional security controls, which often rely on runtime access or agent-based monitoring. Dan Petrillo, vice president of product marketing at ReversingLabs (RL), said in a recent webinar that VMs can be blind spots for threats, exposing organizations to malware, vulnerabilities, supply chain risks, and compliance gaps.
5 reasons why you need to put SaaSBOMs to work

3 weeks ago | reversinglabs.com | John Mello

Software bills of materials (SBOMs) have become a hot topic recently — for a number of reasons. High-profile attacks on software supply chains have exposed the need for organizations to know what third-party and open-source components are in the applications they use. SBOMs are seen as an essential first step on that journey.
MCP is a powerful new AI coding technology: Understand the risks

3 weeks ago | reversinglabs.com | Todd R. Weiss

The fledgling Model Context Protocol standard has generated lots of headlines and discussion among developers, who like that MCP makes it easy to connect large language models (LLMs) directly with tools and data. The question is whether development teams and organizations are aware of the risks.
Indirect prompt injection attacks target common LLM data sources

1 month ago | reversinglabs.com | John Mello

While the shortest distance between two points is a straight line, a straight-line attack on a large language model (LLM) isn't always the most efficient — and least noisy — way to get the LLM to do bad things. That's why malicious actors have been turning to indirect prompt attacks on LLMs to carry out attacks. Indirect prompt injection attacks occur when malicious instructions are embedded within external content — documents, web pages, or emails — that an LLM processes.
MIT researchers look to tame AI code with new controls

1 month ago | reversinglabs.com | John Mello

Despite the risks associated with artificial intelligence (AI) coding, developers remain enthusiastic, using it to keep up with the demand for delivery software at speed. A recent GitHub survey found that 92% of U.S.-based developers are using AI coding regularly. But while many developers are using AI to assist them in writing code, they seem to be doing so warily.
Mobile and third-party risk: How legacy testing leaves you exposed

1 month ago | reversinglabs.com | John Mello

Risks to software supply chains from mobile applications are increasing, largely due to a lack of deeper visibility into their codebase, a new study has found. Zimperium researchers noted in the 2025 Global Mobile Threat Report that more than 60% of top Android and iOS third-party components, or software development kits (SDK’s), are shipped as precompiled binary packages, often with partial or missing software bills of materials (SBOMs).
Secrets leaks increase - and expand beyond the codebase

1 month ago | reversinglabs.com | Jaikumar Vijayan |Jai Vijayan

Organizations that assume secrets protection is solely about scanning public repositories and codebases for API keys, passwords, and tokens may be overlooking a major blind spot. Collaboration and project management platforms such as Slack, Jira, and Confluence have become high-risk zones for leaked credentials due to their widespread — and largely unmonitored — use in enterprise environments.
Rise of the xBOM: The new go-to tool for modern software security

1 month ago | reversinglabs.com | Ericka Chickowski

The more cybersecurity leaders and software builders operationalize software bills of materials (SBOMs) to convey trust and transparency, the more they’re running into the traditional SBOM’s visibility limitations. As valuable as they are, SBOMs — as defined by the software industry — can offer only part of the software supply chain risk picture.
Verizon 2025 DBIR: Third-party software risk takes the spotlight

1 month ago | reversinglabs.com | Carolynn Van Arsdale

It’s that time of year again: Verizon Business has released the 2025 edition of its Data Breach Investigations Report (DBIR), the 18th annual report of its kind. The DBIR is famous for how it captures the current state of cybercrime, analyzing tens of thousands of security incidents to understand the current threat landscape — and its humorous commentary.
Changes to CVE program are a call to action on your AppSec strategy

1 month ago | reversinglabs.com | John Mello

For the countless organizations that have relied on CVEs and the National Vulnerability Database (NVD) to support vulnerability management and cyber risk management programs, the past few weeks have been a white-knuckle ride.