Tag: rust

Rust-style safety model for C++ ‘rejected’ as profiles take priority

Sep 17, 2025 7:16 PM

Tags: rust

Safe C++ proposal author claims that ‘will not ever work’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/safe_c_proposal_ditched/
APT37 greift Windows Systeme mit Rust-Backdoor und Python-Loader an

Sep 17, 2025 11:15 AM

Tags: backdoor, rust, windows

Das Sicherheitsteam von Zscaler ThreatLabz hat aktuelle Aktivitäten der Hackergruppe APT37 untersucht. Dabei wurde erstmals eine neue Backdoor identifiziert, die auf Windows-Systeme abzielt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/apt37-windows-system-rust-backdoor-python-loader
APT37 greift Windows-Systeme mit Rust-Backdoor und Python-Loader an

Sep 16, 2025 1:16 PM

Tags: backdoor, cyberattack, malware, rust, windows

Das Zscaler-ThreatLabz-Team hat APT37 (auch bekannt als Scarcruft, Ruby-Sleet und Velvet-Chollima) unter die Lupe genommen, da über die Backdoor Rustonotto erstmals auch Windows-Systeme angegriffen werden. APT37 zielt in erster Linie auf südkoreanische Aktivisten ab, die mit dem nordkoreanischen Regime in Verbindung stehen oder sich für Menschenrechte engagieren, und nutzt dabei speziell entwickelte Malware und neue…
Phishing campaign targets Rust developers

Sep 15, 2025 7:15 PM

Tags: email, phishing, rust

Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/15/phishing-campaign-targets-rust-developers/
APT37 Deploys New Rust and Python Malware Targeting Windows Systems

Sep 9, 2025 10:08 AM

Tags: cyber, group, malware, north-korea, rust, threat, warfare, windows

The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Active since 2012, this advanced persistent threat group continues to focus on South Korean individuals connected to the North Korean regime…
APT37 Targets Windows with Rust Backdoor and Python Loader

Sep 8, 2025 5:08 PM

Tags: api, attack, backdoor, cctv, cloud, computer, control, data, detection, exploit, government, group, infection, injection, jobs, korea, malicious, malware, microsoft, monitoring, north-korea, organized, password, phishing, powershell, programming, rust, service, social-engineering, spear-phishing, startup, tactics, theft, threat, tool, update, vulnerability, windows

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals connected to the North Korean regime or involved in human rights activism, leveraging custom malware and adopting emerging technologies.In recent campaigns, APT37 utilizes a single command-and-control (C2) server…
APT37 Targets Windows with Rust Backdoor and Python Loader

Sep 8, 2025 5:08 PM

Tags: api, attack, backdoor, cctv, cloud, computer, control, data, detection, exploit, government, group, infection, injection, jobs, korea, malicious, malware, microsoft, monitoring, north-korea, organized, password, phishing, powershell, programming, rust, service, social-engineering, spear-phishing, startup, tactics, theft, threat, tool, update, vulnerability, windows

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals connected to the North Korean regime or involved in human rights activism, leveraging custom malware and adopting emerging technologies.In recent campaigns, APT37 utilizes a single command-and-control (C2) server…
APT37 Targets Windows with Rust Backdoor and Python Loader

Sep 8, 2025 5:08 PM

Tags: api, attack, backdoor, cctv, cloud, computer, control, data, detection, exploit, government, group, infection, injection, jobs, korea, malicious, malware, microsoft, monitoring, north-korea, organized, password, phishing, powershell, programming, rust, service, social-engineering, spear-phishing, startup, tactics, theft, threat, tool, update, vulnerability, windows

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals connected to the North Korean regime or involved in human rights activism, leveraging custom malware and adopting emerging technologies.In recent campaigns, APT37 utilizes a single command-and-control (C2) server…
Formal Methods for Stellar DeFi: Verifying Lending Protocol with Certora Sunbeam Prover

Aug 26, 2025 3:55 PM

Tags: blockchain, framework, guide, insurance, rust, tactics, tool, update

Hello! My name is Kirill Ziborov, and I’m a formal verification engineer and security researcher at Positive Web3. From February 24 to March 18, an audit contest for the Blend protocol on the Stellar blockchain was held on the Code4rena. In addition to the traditional manual audit, the competition included a formal verification track using…
ScarCruft Hacker Group Launches New Rust-Based Malware Attack Leveraging PubNub

Aug 7, 2025 6:11 PM

Tags: attack, cyber, group, hacker, infection, intelligence, malware, north-korea, rust, threat, update

The North Korean state-sponsored advanced persistent threat (APT) group known as ScarCruft has been linked to a sophisticated malware campaign targeting South Korean users. Disguised as a postal-code update notice, this infection chain was uncovered by S2W’s Threat Analysis and Intelligence Center (TALON), revealing a subgroup dubbed ChinopuNK that distributes the Chinotto malware. First identified…
6 ways hackers hide their tracks

Aug 7, 2025 10:11 AM

Tags: access, ai, antivirus, api, attack, backdoor, breach, captcha, ceo, computer, control, credentials, crypto, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, github, hacker, injection, intelligence, jobs, law, linux, LLM, login, malicious, malware, monitoring, network, open-source, openai, phishing, programming, RedTeam, resilience, reverse-engineering, risk, rust, service, social-engineering, software, supply-chain, threat, tool, virus, windows

Backdoors in legitimate software libraries: In April 2024, it was revealed that the XZ Utils library had been covertly backdoored as part of years-long supply-chain compromise effort. The widely used data compression library that ships as a part of major Linux distributions had malicious code inserted into it by a trusted maintainer.Over the last decade,…
Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
VMware’s rivals ramp up their efforts to create alternative stacks

Jul 8, 2025 11:34 AM

Tags: rust, tool, update, vmware

Red Hat and Open Nebula deliver big updates, as Edera tools for Xen with Rust First seen on theregister.com Jump to article: www.theregister.com/2025/07/07/vmware_rivals_ramp_virtualization_efforts/
Neuer Rust-basierter Infostealer entdeckt – Warnung vor ‘EddieStealer” mit Tarnung als CAPTCHA-Prüfung

Jul 3, 2025 8:34 AM

Tags: captcha, rust

First seen on security-insider.de Jump to article: www.security-insider.de/neue-malware-eddiestealer-angriffe-auf-windows-systeme-via-captcha-seiten-a-eb4c4cafde7ac6eea4c7cf08b8f0e6c8/
North Korean crypto thieves deploy custom Mac backdoor

Jul 3, 2025 12:35 AM

Tags: apple, apt, attack, backdoor, control, crime, crypto, cyberespionage, data, detection, email, finance, government, group, hacker, infection, injection, macOS, malicious, malware, north-korea, programming, rust, theft, threat, update

North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. The attackers are also using AppleScript for early stage payloads, including a fake Zoom update.”North Korean-aligned threat actors have previously experimented with Go and Rust, similarly combining scripts and compiled…
RIFT: Open-Source Rust Malware Analyzer Released by Microsoft

Jun 30, 2025 1:33 PM

Tags: cyber, cybercrime, exploit, intelligence, malware, microsoft, open-source, programming, rust, threat, tool

As cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source tool called RIFT to help security analysts combat this growing threat. Rust, renowned for its speed, memory safety, and robustness, is now being exploited for its advantages in creating malware…
RIFT: New open-source tool from Microsoft helps analyze Rust malware

Jun 30, 2025 12:34 PM

Tags: intelligence, malicious, malware, microsoft, open-source, rust, threat, tool

Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/30/rift-open-source-microsoft-tool-analyze-rust-malware/
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Jun 27, 2025 6:36 PM

Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfare

Check out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
Lerneffekte aus der aktuell effektivsten Ransomware Qilin

Jun 23, 2025 4:35 PM

Tags: cyberattack, cybercrime, ransomware, rust, vmware

Qilin zählt inzwischen zu den aktivsten und wirkungsvollsten Ransomware-Operationen weltweit. Die Schadsoftware verbreitet sich zunehmend über etablierte Cybercrime-Netzwerke und spielt eine zentrale Rolle in aktuellen Bedrohungsmodellen. Die ersten Versionen wurden 2022 unter dem Namen “Agent” veröffentlicht und später vollständig in Rust neu entwickelt. Ab Ende 2023 gewann die Gruppe durch gezielte Angriffe auf VMware-ESXi-Systeme an…
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

Jun 10, 2025 5:55 PM

Tags: browser, chrome, cybersecurity, malicious, malware, rust

Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites.”Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan First seen on thehackernews.com Jump to…
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers

Jun 6, 2025 7:55 PM

Tags: browser, chrome, credentials, cyber, cybersecurity, data, google, login, malware, microsoft, programming, rust, threat

A newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of Chromium-based browsers such as Google Chrome, Microsoft Edge, and others. Dubbed >>RustStealer
Threat Actors Leverage ClickFix Technique to Deploy EddieStealer Malware

Jun 2, 2025 9:54 PM

Tags: attack, captcha, cyber, cybersecurity, data, malicious, malware, rust, social-engineering, tactics, threat

Cybersecurity researchers have identified a sophisticated malware campaign utilizing deceptive CAPTCHA interfaces to distribute EddieStealer, a Rust-based information stealing malware that targets sensitive user data across multiple platforms. The attack employs the ClickFix technique, tricking victims into executing malicious commands through fake verification prompts, representing a significant evolution in social engineering tactics used by cybercriminals.…
ClickFix used to spread novel Rust-based infostealer

May 31, 2025 10:55 PM

Tags: rust

First seen on scworld.com Jump to article: www.scworld.com/news/clickfix-used-to-spread-novel-rust-based-infostealer
New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data

May 30, 2025 5:55 PM

Tags: browser, captcha, chrome, data, encryption, malicious, malware, powershell, rust, social-engineering

A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages.”This campaign leverages deceptive CAPTCHA verification pages that trick users into executing a malicious PowerShell script, which ultimately deploys the infostealer, harvesting sensitive data such as First seen on thehackernews.com…
From Code Red to Rust: Microsoft’s Security Journey

May 30, 2025 3:55 PM

Tags: conference, microsoft, rust

At this year’s Build developer conference, Microsoft reflects on what the company learned about securing features and writing secure code in the early 2000s. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/from-code-red-to-rust-microsoft-security-journey
New Rust-Based InfoStealer Uses Fake CAPTCHA to Deliver EDDIESTEALER

May 30, 2025 10:55 AM

Tags: captcha, cyber, data, google, malicious, powershell, rust, social-engineering, windows

A newly discovered Rust-based infostealer, dubbed EDDIESTEALER, has been uncovered by Elastic Security Labs, spreading through a sophisticated social engineering tactic involving fake CAPTCHA verification pages. Mimicking legitimate CAPTCHA systems like Google’s reCAPTCHA, these malicious prompts deceive users into executing harmful PowerShell scripts, ultimately deploying the infostealer on Windows systems to harvest sensitive data such…
Linux 6.15 Launches with Major Performance and Hardware Upgrades

May 26, 2025 12:54 PM

Tags: cyber, Hardware, linux, nvidia, open-source, rust

The Linux 6.15 kernel, released on May 25, 2025, marks a pivotal moment in open-source development, introducing several groundbreaking features and technical advancements. Most notably, this release debuts the first Rust-written Direct Rendering Manager (DRM) driver, NOVA, targeting NVIDIA RTX 2000 “Turing” series and newer GPUs. The NOVA driver, written entirely in Rust, represents a…
Ransomware-Bande BlackBasta hat neuen Malware-Favoriten

May 21, 2025 3:55 PM

Tags: api, dns, encryption, malware, powershell, ransomware, rust, tool

Modularität für verschiedene Zwecke: Die Malware Skitnet verfügt über separate Plug-ins umAnmeldeinformationen zu sammeln,Berechtigungen auszuweiten,sich im Netzwerk lateral zu bewegen undRansomware bereitzustellen.Sie nutzt die Programmiersprachen Rust und Nim, um eine verdeckte Reverse Shell über das DNS-Protokoll zu realisieren. Dadurch ist eine unauffällige C2-Kommunikation möglich.Zusätzlich verwendet Skitnet Verschlüsselung, manuelles Mapping und dynamische API-Auflösung, um nicht entdeckt…
Skitnet malware: The new ransomware favorite

May 20, 2025 2:54 PM

Tags: access, api, awareness, cybersecurity, data, detection, dns, encryption, malware, phishing, powershell, programming, ransomware, risk, rust, tool, training

Malware employs advanced obfuscation: According to a Prodaft description, Skitnet uses Rust and Nim programming languages to execute a stealthy reverse shell over DNS, which is a method of covert C2 Communication using the DNS protocol instead of HTTP or other typical channels.Additionally, the malware leverages encryption, manual mapping, and dynamic API resolution to evade…
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures

May 13, 2025 5:38 PM

Tags: access, api, apt, attack, authentication, backdoor, backup, breach, business, china, cloud, control, cve, cyber, data, data-breach, detection, dns, encryption, endpoint, espionage, exploit, finance, firewall, fortinet, google, government, group, infection, infrastructure, intelligence, Internet, ivanti, linux, malicious, malware, mandiant, military, network, open-source, programming, rat, remote-code-execution, reverse-engineering, risk, rust, sap, service, strategy, tactics, threat, tool, update, vmware, vpn, vulnerability, windows, zero-day

Executive Summary EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threat) launched high-temp exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…