Kimsuky targets organizations with PebbleDash-based tools

Over the past few months, we have conducted an in-depth analysis of specific activity clusters of Kimsuky aka APT43, Ruby Sleet, Black Banshee, Sparkling Pisces, Velvet Chollima, and Springtail, a prolific Korean-speaking threat actor. Our research revealed notable tactical shifts throughout...

Astra Linux - уязвимость в rustc

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

UBUNTU-CVE-2026-41898

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::setpskclientcallback, setpskservercallback, setcookiegeneratecb, and setstatelesscookiegeneratecb forwarded the user closure's returned usize...

CVE-2021-31996

An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in mergesort::merge...

GHSA-G59M-GF8J-GJF5 AWS SDK for Rust v1 adopted defense in depth enhancement for region parameter value

Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...

CVE-2026-22257

Salvo is a Rust web backend framework. Prior to version 0.88.1, the function listhtml generates a file view of a folder without sanitizing the files or folders names, this may potentially lead to XSS in cases where a website allow the access to public files using this feature and anyone can uploa...

EUVD-2018-1987

Malware in sbrugna...

EUVD-2018-1957

Malware in sbrugna...

EUVD-2019-2035

Malware in sbrugna...

EUVD-2021-1543

Malware in sbrugna...

EUVD-2021-1621

Malware in sbrugna...

EUVD-2022-26876

Malicious code in bioql PyPI...

EUVD-2022-6662

Malicious code in bioql PyPI...

EUVD-2024-40268

Malicious code in bioql PyPI...

EUVD-2022-6934

Malicious code in bioql PyPI...

TencentOS Server 3: rust-toolset:rhel8 (TSSA-2022:0116)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0116 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

[SECURITY] Fedora 41 Update: ruff-0.11.5-2.fc41

An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 plus dozens of plugins, Black, isort, pydocstyle,...

CVE-2021-29931

An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop...

CVE-2021-45684

An issue was discovered in the flumedb crate through 2021-01-07 for Rust. readentry may read from uninitialized memory locations...

CVE-2020-36514

An issue was discovered in the accreader crate through 2020-12-27 for Rust. fillbuf may read from uninitialized memory locations...