W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
Days after researchers for Phylum and Checkmarx revealed an ongoing software supply chain attack spreading the W4SP Stealer malware through malicious packages on the Python Package Index (PyPI), ReversingLabs researchers discovered 10 additional PyPI packages pushing modified versions of W4SP that were overlooked ...
Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis ...
New malicious packages in PyPI: What it means for securing open source repositories
After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories ...
IconBurst: NPM software supply chain attack grabs data from apps, websites
Executive Summary ...
Spotting malicious Excel4 macros
Introduction: Excel4 (XLM) macros are a legacy scripting language introduced in 1992. They are a predecessor to the more advanced VBA scripting language introduced the following year. Because of backward compatibility issues, modern Microsoft Office versions kept support for this type of macro. The reason why this old ...
Malware in Images: When You Can’t See “the Whole Picture”
Introduction: Malicious actors often want to get information of interest from targeted computer environments. To achieve this goal, they usually decide to plant some kind of software that will provide that information continuously. Throughout history, the most common way of doing that was to plant an executable file and make ...
Rana Android Malware
Introduction: On September 17th, the U.S. Department of the Treasury’s Office of Foreign Assets Control imposed sanctions on Iranian cyber threat group APT39, also known as Chafer, Cadelspy, Remexi, and ITG07. On the same day, the FBI released a public threat analysis report describing several tools used by Rana Corp, ...
Taidoor – a truly persistent threat
When malware lasts longer than your washing machine. Introduction ...

