ReversingLabs Blog

Karlo Zanki
Reverse Engineer at ReversingLabs

Recent Posts from Karlo Zanki

December 1, 2022

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Here are ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.

September 23, 2022

Threat analysis: Malicious npm package mimics Material Tailwind CSS tool

ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis. (Updated with MachO executable information.)

August 29, 2022

New malicious packages in PyPI: What it means for securing open source repositories

After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.

July 5, 2022

Update: IconBurst NPM software supply chain attack grabs data from apps and websites

ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

July 21, 2021

Groundhog day: NPM package caught stealing browser passwords

Today almost everyone knows that they need to protect their publicly exposed services and applications against the potential attacks from the outside

July 7, 2021

Third-party code comes with some baggage

Recognizing risks introduced by statically linked third-party libraries

April 28, 2021

Spotting malicious Excel4 macros

Relying on legacy functionalities comes with inherent security risks

March 2, 2021

Malware in Images: When You Can’t See “the Whole Picture”

When you can’t see “the whole picture”