Tag: rust
-
Paranoid WhatsApp users rejoice: Encrypted app gets one-click privacy toggle
Meta also replaces a legacy C++ media-handling security library with Rust First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/whatsapp_strict_account_settings_meta_rust/
-
Rust package registry adds security tools and metrics to crates.io
The Rust project updated crates.io to include a Security tab on individual crate pages. The tab shows security advisories drawn from the RustSec database and lists which … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/rust-crates-io-security-update/
-
Spear-Phishing Campaign Abuses Argentine Federal Court Rulings to Deliver Covert RAT
Seqrite Labs has uncovered a sophisticated spear-phishing campaign targeting Argentina’s judicial sector with a multi-stage infection chain designed to deploy a stealthy Rust-based Remote Access Trojan (RAT). The campaign primarily targets Argentina’s judicial institutions, legal professionals, justice-adjacent government bodies, and academic legal organizations. Attackers abuse legitimate Argentine federal court rulings specifically, preventive detention review documents…
-
Shai-Hulud & Co.: Die Supply Chain als Achillesferse
Tags: access, ai, application-security, backdoor, ciso, cloud, cyber, cyberattack, data, github, Hardware, infrastructure, kritis, kubernetes, LLM, monitoring, network, nis-2, programming, resilience, risk, rust, sbom, software, spyware, strategy, supply-chain, tool, vulnerabilityEgal, ob React2Shell, Shai-Hulud oder XZ Utils: Die Sicherheit der Software-Supply-Chain wird durch zahlreiche Risiken gefährdet.Heutige Anwendungen basieren auf zahlreichen Komponenten, von denen jede zusammen mit den Entwicklungsumgebungen selbst eine Angriffsfläche darstellt. Unabhängig davon, ob Unternehmen Code intern entwickeln oder sich auf Drittanbieter verlassen, sollten CISOs, Sicherheitsexperten und Entwickler der Software-Supply-Chain besondere Aufmerksamkeit schenken.Zu den…
-
Iran-linked MuddyWater APT deploys Rust-based implant in latest campaign
Rust offers evasion advantages: CloudSEK researchers said RustyWater was developed in Rust, which they said is increasingly used by malware authors for its memory safety features and cross-platform capabilities, according to the blog post. Other state-sponsored groups, including Russia’s Gossamer Bear and China-linked actors, have also deployed Rust-based malware in recent campaigns, according to security…
-
RustyWater Rising: MuddyWater Drops PowerShell for Stealthy Rust Implants
The post RustyWater Rising: MuddyWater Drops PowerShell for Stealthy Rust Implants appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/rustywater-rising-muddywater-drops-powershell-for-stealthy-rust-implants/
-
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors
The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater.”The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular First seen…
-
Claude is his copilot: Rust veteran designs new Rue programming language with help from AI bot
Rust veteran Steve Klabnik is using an LLM to explore memory safety without garbage collection First seen on theregister.com Jump to article: www.theregister.com/2026/01/03/claude_copilot_rue_steve_klabnik/
-
Xous & Baochip-1x: Rust-OS und eigener Chip für sicherere Embedded-Anwendungen
Tags: rustFür Mikrocontroller gibt es längst Betriebssysteme, doch ihnen fehlen wichtige Sicherheits-Features. Das will Hardwareentwickler Bunnie ändern. First seen on golem.de Jump to article: www.golem.de/news/xous-baochip-1x-rust-os-und-eigener-chip-fuer-sicherere-embedded-anwendungen-2601-203741.html
-
Microsoft wants to replace its entire C and C++ codebase, perhaps by 2030
Plans move to Rust, with help from AI First seen on theregister.com Jump to article: www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
New 01Flip Ransomware Targets Both Windows and Linux Systems
Security researchers at Palo Alto Networks Unit 42 have identified a newly emerging ransomware family, 01flip, that represents a significant shift in malware development tactics. Discovered in June 2025, this sophisticated threat is entirely written in Rust a modern programming language that enables cross-platform compatibility and currently targets a limited set of victims across the…
-
Beyond Cargo Audit: Securing Your Rust Crates in Container Images
Container image scanning has come a long way over the years, but it still comes with its own set of, often unique, challenges. One of these being the difficulty in analyzing images for vulnerabilities when they contain a Rust payload. If you’re a big Rust user, you may have found that some software composition analysis……
-
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take First seen on…
-
Rust Code Delivers Better Security, Also Streamlines DevOps
Software teams at Google and other Rust adopters see safer code when using the memory-safe language, and also fewer rollbacks and less code review. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/rust-code-delivers-better-security-streamlines-devops
-
Malicious Rust packages targeted Web3 developers
A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/04/malicious-rust-packages-targeted-web3-developers/
-
Rust core library partly polished for industrial safety spec
Tags: rustFerrous Systems achieves IEC 61508 (SIL 2) certification for systems that demand reliability First seen on theregister.com Jump to article: www.theregister.com/2025/12/04/rust_core_library_partly_polished/
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
-
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
-
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
-
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
-
Google links Android’s Quick Share to Apple’s AirDrop, without Cupertino’s help
Relies on very loose permissions, but don’t worry Google wrote it in Rust First seen on theregister.com Jump to article: www.theregister.com/2025/11/21/google_links_androids_quick_share/
-
Google links Android’s Quick Share to Apple’s AirDrop, without Cupertino’s help
Relies on very loose permissions, but don’t worry Google wrote it in Rust First seen on theregister.com Jump to article: www.theregister.com/2025/11/21/google_links_androids_quick_share/
-
Linus Torvalds is OK with vibe coding as long as it’s not used for anything that matters
Linux inventor also discusses Rust in the kernel, Nvidia’s proprietary code, and the problem of AI crawlers First seen on theregister.com Jump to article: www.theregister.com/2025/11/18/linus_torvalds_vibe_coding/
-
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% for the first time.”We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But…
-
Android Reports Major Drop in Memory Bugs as Rust Adoption Accelerates
Android has shared new insights into how the platform’s long-term shift toward Rust is reshaping both security and software development. The new data reflects a decisive move toward memory safety, and, unexpectedly, faster engineering cycles across the Android ecosystem. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/android-rust-memory-safety-productivity/