RL researchers detected a sophisticated, malicious package believed to be an ongoing campaign that may be linked to a hacktivist gang.

ReversingLabs researchers discovered more than 60 GitHub repositories that contain hundreds of trojanized files.

ReversingLabs provides tools to detect the CONTI ransomware family - a leading ransomware as a service outfit

The eslint-config-prettier package exposed more than 10,000 dependent projects. The incident highlights the growing risks in automated dependency updating.

RL has discovered a loophole on VS Code Marketplace that allows threat actors to reuse legitimate, removed package names for malicious purposes. 

RL researchers have detected the first self-replicating worm compromising popular npm packages with cloud token-stealing malware.