Tag: rust
-
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ubuntu-26-04-lts-resolute-raccoon-released/
-
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ubuntu-26-04-lts-resolute-raccoon-released/
-
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ubuntu-26-04-lts-resolute-raccoon-released/
-
We beat Google’s zero-knowledge proof of quantum cryptanalysis
Tags: ai, application-security, attack, best-practice, computer, computing, control, cryptography, data, exploit, google, group, Hardware, metric, programming, risk, rust, technology, tool, update, vulnerabilityTwo weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is…
-
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level.”The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of…
-
Linux 7.0 debuts as Linus Torvalds ponders AI’s bug-finding powers
Makes Rust support official, adds code for ancient Alpha and SPARC CPUs First seen on theregister.com Jump to article: www.theregister.com/2026/04/13/linux_kernel_7_releaseed/
-
Linux 7.0 debuts as Linus Torvalds ponders AI’s bug-finding powers and their impact on release process
Makes Rust support official, adds code for ancient Alpha and SPARC CPUs First seen on theregister.com Jump to article: www.theregister.com/2026/04/13/linux_kernel_7_releaseed/
-
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook.”LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and First seen on thehackernews.com Jump to…
-
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems.”The threat actor’s packages were designed to impersonate legitimate developer tooling […], while quietly functioning as malware loaders, extending Contagious Interview’s established playbook into a coordinated First seen on thehackernews.com Jump to…
-
Mutation testing for the agentic era
Tags: ai, api, authentication, blockchain, framework, guide, metric, open-source, risk, rust, skills, software, switch, tool, vulnerabilityCode coverage is one of the most dangerous quality metrics in software testing. Many developers fail to realize that code coverage lies by omission: it measures execution, not verification. Test suites with high coverage can obfuscate the fact that critical functionality is untested as software develops over time. We saw this when mutation testing uncovered…
-
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi”‘stage Rust and Python infection chain, making this commodity stealer significantly harder to spot on Windows endpoints. The new technique relies on built”‘in tools such as certutil.exe, heavily obfuscated PyInstaller stubs, and stealthy exfiltration via Telegram and public web services to evade both…
-
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
Rust security maintainers contend Nadim Kobeissi’s vulnerability claims are too much First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/cryptographer_nadim_kobeissi_rustsec_ban/
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem.The malware, which is designed to infect Windows systems and was first discovered last month, has been codenamed VENON by Brazilian First…
-
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors.The Rust packages, published to crates.io, are listed below -chrono_anchordnp3timestime_calibratortime_calibratorstime-syncThe crates, per Socket, impersonate timeapi.io and were published between late February and early March First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/five-malicious-rust-crates-and-ai-bot.html
-
AWS backs Open VSX as Rust survey shows VS Code decline
AI-first editors and agent-driven tooling intensify competition in the IDE market First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/open_vsx_aws/
-
Indian APT ‘Sloppy Lemming’ Targets Defense, Critical Infrastructure
India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/india-apt-sloppy-lemming-defense-critical-infrastructure
-
SloppyLemming Espionage Campaign Targets Pakistan, Bangladesh with BurrowShell Backdoor and Rust RAT
SloppyLemming, an India-linked espionage group also known as Outrider Tiger and Fishing Elephant, has run a year-long cyber campaign against high”‘value targets in Pakistan and Bangladesh using a new BurrowShell backdoor and a Rust-based remote access tool (RAT). This activity builds directly on earlier operations exposed by Cloudflare’s CloudForce One in 2024. However, it shows…
-
Epic Fury introduces new layer of enterprise risk
Tags: access, apt, attack, business, cisa, ciso, communications, country, credentials, cyber, cybersecurity, data-breach, disinformation, exploit, group, infrastructure, intelligence, international, Internet, iran, malware, middle-east, network, ransomware, resilience, risk, rust, service, software, technology, tool, ukrainePhysical attacks on US-linked locations through direct action or partner groups. We are already seeing Iranian missile launches into a variety of nations in the region.Cyber operations that include disruptive activity, targeted intrusions, credential and access harvesting, destructive malware deployment, and the use of compromised infrastructure to support broader influence or operational objectives.Proxy networks across…
-
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh.The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as BurrowShell…
-
Stored XSS Vulnerability in RustFS Console Puts S3 Admin Credentials at Risk
A critical security flaw has been identified in the RustFS Console, exposing administrators to a high risk of account takeover. Tracked as CVE-2026-27822, this Stored Cross-Site Scripting (XSS) vulnerability carries a critical CVSS v3 score of 10.0 and affects versions of the Rust package before 1.0.0-alpha.82. The vulnerability allows an attacker to execute arbitrary JavaScript…
-
NDSS 2025 Translating C To Rust: Lessons From A User Study
Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research) PAPER Translating C To Rust: Lessons From A User Study Rust aims to offer full memory…
-
NDSS 2025 Translating C To Rust: Lessons From A User Study
Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research) PAPER Translating C To Rust: Lessons From A User Study Rust aims to offer full memory…
-
NDSS 2025 Translating C To Rust: Lessons From A User Study
Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research) PAPER Translating C To Rust: Lessons From A User Study Rust aims to offer full memory…
-
NDSS 2025 Translating C To Rust: Lessons From A User Study
Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Ruishi Li (National University of Singapore), Bo Wang (National University of Singapore), Tianyu Li (National University of Singapore), Prateek Saxena (National University of Singapore), Ashish Kundu (Cisco Research) PAPER Translating C To Rust: Lessons From A User Study Rust aims to offer full memory…
-
Operation Olalampo: MuddyWater Unleashes AI-Assisted Rust Malware and Telegram C2 in MENA Espionage Surge
The post Operation Olalampo: MuddyWater Unleashes AI-Assisted Rust Malware and Telegram C2 in MENA Espionage Surge appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-olalampo-muddywater-unleashes-ai-assisted-rust-malware-and-telegram-c2-in-mena-espionage-surge/