ReversingLabs

Researcher’s Notebook: Inside the EmEditor supply chain compromise

The EmEditor supply chain compromise involved tampering with Windows Installer (MSI) packages to embed malicious scripts. The attackers used look-alike domains and command-and-control (C2) infrastructure to execute their operations.

VS Code extensions contain trojan-laden fake image

A recent campaign has been identified involving 19 malicious VS Code extensions that contain malware disguised as a PNG file. These extensions exploit the "path-is-absolute" npm package to execute malicious activities on developers' machines.

OWASP Top 10 takes on software supply chain risk

The OWASP Top 10 for 2025 introduces core changes emphasizing systemic risks in modern application ecosystems. Key additions include “Supply Chain Failures” at rank #3 and “Mishandling of Exceptional Conditions” at rank #10.

How PowerShell Gallery simplifies supply chain attacks

PowerShell Gallery has been identified as a potential vector for software supply chain attacks. Malicious actors can exploit PowerShell’s autoloading and command clobbering features to override legitimate system commands.

Ethereum smart contracts used to push malicious code on npm

A novel software supply chain attack campaign has been uncovered involving malicious npm packages—colortoolsv2 and mimelib2—that use Ethereum smart contracts to deliver second-stage malware.

Speed kills: AI coding tools revive old-school hacks

Researchers uncovered critical vulnerabilities in AI-powered coding tools that prioritize development speed over security. Tools like CodeRabbit can be exploited to perform RCE and exfiltrate sensitive data from development environments.

IconBurst Software Supply Chain Attack Grabs Data From Apps, Websites

ReversingLabs researchers recently discovered evidence of a widespread software supply chain attack involving malicious JavaScript packages offered via the npm package manager.

AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks.
