Tag: rust
-
TARmageddon flaw in abandoned Rust library enables RCE attacks
A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/
-
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. >>astral-tokio-tar is a tar archive…
-
Forking confusing: Vulnerable Rust crate exposes uv Python packager
Forks of forks of forks, but which ones are patched? First seen on theregister.com Jump to article: www.theregister.com/2025/10/22/vulnerable_rust_crate/
-
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions.The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several First…
-
New Rust Malware “ChaosBot” Hides CommandControl Inside Discord
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet; it’s a new generation of threat that hides its malicious traffic by communicating over the popular, legitimate service, making detection significantly more challenging for traditional security tools. ChaosBot operates by…
-
New Rust Malware “ChaosBot” Hides CommandControl Inside Discord
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet; it’s a new generation of threat that hides its malicious traffic by communicating over the popular, legitimate service, making detection significantly more challenging for traditional security tools. ChaosBot operates by…
-
Researchers uncover remote code execution flaw in abandoned Rust code library
The high-severity defect affects a widely used, but largely hidden, archive tool that spans many forks. First seen on cyberscoop.com Jump to article: cyberscoop.com/async-tar-rust-open-source-vulnerability/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67
Tags: banking, control, github, international, korea, malicious, malware, north-korea, resilience, rustSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub for Resilience North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads New Rust Malware >>ChaosBot
-
Denial of Fuzzing: Rust-Safe Code Triggers Kernel Crashes in Windows
Malformed EMF files crash Windows 11 via a Rust-based kernel bug. Microsoft patches issue after Check Point’s denial-of-service discovery. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/windows-fuzzing-rust-vulnerability/
-
Windows GDI Vulnerability in Rust Kernel Module Enables Remote Attacks
A newly discovered flaw in Microsoft’s Rust-based Graphics Device Interface (GDI) kernel component allows unprivileged attackers to crash or take control of Windows systems. Check Point Research (CPR) uncovered the issue in January 2025 and reported it to Microsoft. The company addressed the bug in the May 28, 2025 KB5058499 preview update (OS Build 26100.4202),…
-
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts.”Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,’” eSentire said in a technical report published First seen on thehackernews.com…
-
Malicious Rust packages on Crates.io steal crypto wallet keys
Two malicious packages with nearly 8,500 downloads in Rust’s official crate repository scanned developers’ systems to steal cryptocurrency private keys and other secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-rust-packages-on-cratesio-steal-crypto-wallet-keys/
-
New Malicious Rust Crates Impersonate fast_log to Steal Solana and Ethereum Wallet Keys
A pair of malicious Rust crates masquerading as the popular fast_log library have been uncovered, harvesting private Solana and Ethereum keys from developers’ environments. The impostor crates include legitimate-looking logging functionality to evade detection, while a hidden routine scans source files for wallet keys and exfiltrates them to a hardcoded command-and-control (C2) endpoint. Between them,…
-
Malicious Rust Crates Steal Solana and Ethereum Keys, 8,424 Downloads Confirmed
Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code.The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply chain…
-
Malicious Rust Crates Steal Solana and Ethereum Keys, 8,424 Downloads Confirmed
Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code.The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply chain…
-
APT37 nutzt Rust-basierte Hintertür – Neue Backdoor in Windows-Systemen Angriffe laufen
First seen on security-insider.de Jump to article: www.security-insider.de/apt37-angriff-windows-systeme-rust-backdoor-rustonotto-a-99c3ae320d6ec45af493195af352652c/
-
Rust-style safety model for C++ ‘rejected’ as profiles take priority
Tags: rustSafe C++ proposal author claims that ‘will not ever work’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/safe_c_proposal_ditched/
-
APT37 greift Windows Systeme mit Rust-Backdoor und Python-Loader an
Das Sicherheitsteam von Zscaler ThreatLabz hat aktuelle Aktivitäten der Hackergruppe APT37 untersucht. Dabei wurde erstmals eine neue Backdoor identifiziert, die auf Windows-Systeme abzielt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/apt37-windows-system-rust-backdoor-python-loader
-
APT37 greift Windows-Systeme mit Rust-Backdoor und Python-Loader an
Das Zscaler-ThreatLabz-Team hat APT37 (auch bekannt als Scarcruft, Ruby-Sleet und Velvet-Chollima) unter die Lupe genommen, da über die Backdoor Rustonotto erstmals auch Windows-Systeme angegriffen werden. APT37 zielt in erster Linie auf südkoreanische Aktivisten ab, die mit dem nordkoreanischen Regime in Verbindung stehen oder sich für Menschenrechte engagieren, und nutzt dabei speziell entwickelte Malware und neue…
-
Phishing campaign targets Rust developers
Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/15/phishing-campaign-targets-rust-developers/
-
APT37 Deploys New Rust and Python Malware Targeting Windows Systems
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Active since 2012, this advanced persistent threat group continues to focus on South Korean individuals connected to the North Korean regime…
-
Formal Methods for Stellar DeFi: Verifying Lending Protocol with Certora Sunbeam Prover
Hello! My name is Kirill Ziborov, and I’m a formal verification engineer and security researcher at Positive Web3. From February 24 to March 18, an audit contest for the Blend protocol on the Stellar blockchain was held on the Code4rena. In addition to the traditional manual audit, the competition included a formal verification track using…
-
ScarCruft Hacker Group Launches New Rust-Based Malware Attack Leveraging PubNub
The North Korean state-sponsored advanced persistent threat (APT) group known as ScarCruft has been linked to a sophisticated malware campaign targeting South Korean users. Disguised as a postal-code update notice, this infection chain was uncovered by S2W’s Threat Analysis and Intelligence Center (TALON), revealing a subgroup dubbed ChinopuNK that distributes the Chinotto malware. First identified…
-
VMware’s rivals ramp up their efforts to create alternative stacks
Red Hat and Open Nebula deliver big updates, as Edera tools for Xen with Rust First seen on theregister.com Jump to article: www.theregister.com/2025/07/07/vmware_rivals_ramp_virtualization_efforts/