🦀 Looking for Rust malware samples to practice analyzing? Our Rust Malware Sample Gallery just received a major update, with 20 new families added! https://github.com/decoderloop/rust-malware-gallery

The Sample Gallery collects links to articles about malware written in Rust, organizes them by malware family, and includes a download link to a publicly available sample for every malware family. This is a resource for any malware analyst who wants to get hands-on with real Rust malware.

The last time the Sample Gallery was updated was almost 2 years ago, in January 2024. Since then, there's been an explosive growth in new Rust malware, including all of the following families that are now in the Sample Gallery:

SPICA, KrustyLoader, RustDoor, SSLoad, Fickle Stealer, Cicada3301 Ransomware, RustyClaw, Embargo Ransomware, RustyAttr, Akira Ransomware (both the Akira_v2 and Megazord variants), Banshee (Rust variant), RALord Ransomware, RustoBot, Tetra Loader, EDDIESTEALER, Myth Stealer, Rustonotto, RustyPages, ChaosBot

This is nearly one new Rust malware family observed in the wild, every month. Rust as a programming language for malware is here to stay!

#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing

The leaked exploit toolkit for various iOS versions (Coruna)

https://github.com/khanhduytran0/coruna

#Xiaomi advisories by Taszk

https://labs.taszk.io/blog/post/114_mi_heap_bof/
https://labs.taszk.io/blog/post/113_mi_rng_predict/
https://labs.taszk.io/blog/post/112_mi_hshake_bypass/

It seems there is some exceptionally dump vendor policy in the works so #NoCVE

Part 1: https://www.youtube.com/watch?v=MhJoJRqJ0Wc

Fresh scan: "The UNIX System - a Sun Microsystems Technical Report" (1985)

https://drive.google.com/file/d/1dW6l6cFAiqTKj3bmTulynKQuOHeHMx0u/view?usp=sharing

I reported a bug in RenderDoc and it got fixed within 45 minutes (!!!)

TotalRecall - Reloaded.

Invested some time again into Windows Recall. Microsoft redesigned the entire architecture with VBS enclaves after the original TotalRecall. Took a closer look at the new defenses. This time going through MSRC.

The dream of a fast and reliable binary analysis framework is now a reality.

Today, we’re open sourcing http://VulHunt.RE 🎉
code: https://github.com/vulhunt-re/vulhunt
docs: https://vulhunt.re/docs

A huge kudos to the entire REsearch team!
https://bird.makeup/users/matrosov/statuses/2025997688437874893

> If you understand neither your program, nor your computer, you will succumb to every bug

~ Sun Tzu*

*not really

Meanwhile #IDA Pro: "Oops! internal error 1783 occurred."

#idapro #reverseengineering #hexrays #gdbserver #qemu

RE//verse 2026 videos are online

https://www.youtube.com/watch?v=o0boA1N6JV0&list=PLBKkldXXZQhD1hzCkhhMQXjEQ_qWnFtQn

[RSS] [video] RE//verse 2026: Hacking the Xbox One

https://www.youtube.com/watch?v=FTFn4UZsA5U

[RSS] Fantastic unwind information and where to find them

https://klezvirus.github.io/posts/Byoud/

#BOFH excuse #386:

The Internet is being scanned for viruses.

Anybody in cybersecurity from #Cern on Mastodon? We're planning a trip there with our youngsters from cybersecurity.li and if we could get a network/security insight addition that would be cool. Pls RT

...

[RSS] My Lego Build: The Revolt

https://jericho.blog/2026/03/15/my-lego-build-the-revolt/

Glad I'm not the only one doing LEGO horror sets :)

A major concern of mine re: LLM use in OSS is that if you can implement anything it becomes increasingly difficult to discard ideas that should not be implemented at all.

As a lot of the devices we use in the kitchen (Thermomix, microwaves, dishwashers, coffeemakers etc) use complete operating systems and embedded computers nowadays, often with internet connectivity for who knows what. So. Will we soon see mandated fingerprint readers for age verification or will a simple switch with "18+" be sufficient to continue to cook and clean? #SarcasmButOnlyHalf