2025 was a busy year for Invoke RE. We attended 6 conferences, provided 5 talks, sponsored multiple events, did 20 streams, uploaded 24 videos and published bleeding edge tools and research. All while running Invoke RE and continuing to contribute and release training content. Throughout this post we’ll be highlighting our notable moments and accomplishments throughout 2025.
RE//verse 2025
We attended the inaugural RE//verse 2025 in March that was organized by the Vector 35 team in Orlando, Florida. The conference was a single track, with highly technical talks from leaders in the space. The conference was extremely well organized and went off without a hitch. It was fantastic meeting face to face with a number of the Vector 35 team, including Xusheng Li who we later had on a live stream about Time Travel Debugging with Binary Ninja.
Ungarble Plugin for Binary Ninja Released
In March we released the Ungarble plugin for Binary Ninja, that can be used to deobfuscate strings obfuscated with the open source Garble project. This was on the heels of Google Cloud’s FLARE team (shout out Chuong Dong) who released a similar tool that is platform independent and later Volexity released a suite of tools called GoResolver to address similar problem sets.
We later presented this research on the Off By One Security stream with Stephen Sims:
BinjaLattice MCP Server Released
In March 2025, we started seeing an uptick in the adoption of the Model Context Protocol (MCP) created by Anthropic and being applied to multiple problem sets, including malware analysis. Later that month we released the BinjaLattice MCP Server and accompanying Binary Ninja plugin to interface with Binary Ninja using Large Language Models. We later had a stream on the subject and used these tools for demos during our lightning talk at NorthSec 2025 and keynote at BSides Edmonton 2025.
NorthSec 2025
We attended NorthSec 2025, where we participated in Cindy Xiao’s workshop on Reconstructing Rust Types and provided a lightning talk on using the BinjaLattice MCP server for reverse engineering malware:
Scavenger Research, BSides Toronto 2025 and John Hammond Collab
In July 2025, we analyzed an NPM supply chain compromise campaign with Cedric Brisson that resulted in the delivery of the Scavenger malware. This research led to the discovery of a follow-on supply chain attack against PyPI packages and was tied back to earlier campaigns throughout 2024 and 2025 targeting multiple game mod communities. We later presented this research at BSides Toronto with Cedric:
We were later featured on John Hammond’s YouTube channel to showcase our findings in November 2025:
This research was a precursor to large scale worm-likely NPM supply-chain compromises later in the year.
DEF CON 33, Malware Village Sponsorship and Trident Talks Podcast
We attended DEF CON 33, sponsored the inaugural Malware Village and had a fantastic Invoke RE meetup where we met students, reverse engineers and security professionals from all over the world.
We attended multiple events related to Black Hat and DEF CON, where we met tons of amazing folks, including Gareth Davies, who later had Joshua Reynolds on the Trident Talks podcast where he spoke about his journey in the information security industry and founding Invoke RE:
BSides Edmonton
Joshua Reynolds provided the second day keynote at BSides Edmonton where he spoke about AI adoption in the Information Security industry, its impact and its applications in reverse engineering and malware analysis:
This was a big milestone as it was the first keynote Joshua had ever done and we are extremely grateful to BSides Edmonton for providing us with this opportunity. The full talk can be found here:
Hex-Rays Collaboration and Fake PuTTY Campaign Research
In December 2025, we published a video in collaboration with Hex-Rays highlighting research we conducted from July 2025 about a Search Engine Optimization (SEO) poisoning campaign targeting PuTTY users:
Throughout this video, we demonstrate using IDA Pro to analyze binary stages of this campaign in order to uncover the hidden stealer within it.
Outlook
We want to thank those who supported us throughout 2025 and we look forward to further collaborations and community engagements throughout 2026. We’re working on new training materials and projects that we will be launching throughout 2026 and we look forward to sharing them with you.
All the best,
The Invoke RE Team