Skip to main content

Tag: rust

9 articles

Developer workstation with laptop and terminal in a shared office space with cityscape background.

Compromised jscrambler NPM Package Drops Rust Infostealer

A malicious version of the jscrambler NPM package, 8.14.0, was published on July 11, 2026, and could silently infect your system with a Rust-based infostealer just by installing it, no extra steps required. Merely running the install command was enough to trigger the payload on vulnerable systems.

Analyst 207
Modern office interior with a clean desk and laptop workstation.

Silver Fox Deploying Advanced Modular RAT via gRPC Streaming

Meet MODBEACON, a sneaky new Remote Access Trojan linked to the Silver Fox cybercrime group, capable of secretly fetching modules, executing commands, and communicating with attackers. This advanced threat uses a plugin-based architecture and encrypted gRPC streaming to stay one step ahead.

Analyst 207
macOS computer screen with error message box on a cluttered desktop surrounded by icons and folders on a clean desk.

macOS Malware Embeds Fake Errors to Evade AI Analysis

Meet macOS.Gaslight, a sneaky new malware family from a North Korean-linked threat actor that's got a clever trick up its sleeve - embedding 38 fake system messages to throw off AI analysis tools. This tiny 3.5 KB payload is packed with deception, making it a formidable foe for cybersecurity experts.

Analyst 207
Dimly lit computer terminal in a quiet workspace with blurred background elements.

Arch Linux AUR Packages Targeted in Credential Stealer Campaign

Malicious actors have hijacked over 400 Arch Linux AUR packages, quietly altering their build scripts to deploy a sneaky Rust credential stealer in a campaign dubbed Atomic Arch. By targeting abandoned packages and preserving their original names and histories, the attackers cleverly evaded detection.

Analyst 207
Dimly lit software development workspace with laptop, notes, and coffee cups.

Malware Worms Infect npm Ecosystem in Dual Supply Chain Attacks

Meet IronWorm, a sneaky Rust-based malware that's infecting the npm ecosystem by scraping sensitive secrets from developers' machines and spreading through poisoned packages. This stealthy threat hides behind an eBPF kernel rootkit and communicates with its operators over Tor.

Analyst 207
A laptop with a blank screen sits amidst scattered papers and generic development tools in a well-lit workspace.

IronWorm Malware Infects 36 npm Packages in Supply-Chain Attack

Meet IronWorm, a sneaky Rust-based infostealer that's infected 36 npm packages, putting a wide range of sensitive credentials and secrets at risk of being harvested. This stealthy malware operates undetected, targeting everything from AWS and OpenAI credentials to cryptocurrency wallet files.

Analyst 207
Laptop, smartphone, and notebook arranged on a desk in a tidy workspace.

Malicious Repo Exploits OpenAI Model to Deliver Info Stealer

A malicious repository disguised as OpenAI's legitimate Privacy Filter model racked up 244,000 downloads and became the #1 trending project on Hugging Face, but actually hid a sneaky Rust-based information stealer targeting Windows machines. The fake repository, Open-OSS/privacy-filter, expertly impersonated OpenAI's release, even copying the official model card to gain users' trust.

Analyst 207
Smartphone glows in foreground against dark cityscape with distorted, fragmented infrastructure in background.

Google Bolsters Pixel Security with Rust-Based DNS Parser Integration

Google is taking a significant step to supercharge Pixel device security by integrating a Rust-based DNS parser into the modem firmware of the Pixel 10, leveraging the power of memory-safe code to fortify its software stack. This strategic move underscores the company's commitment to bolstering device security from the ground up.

Analyst 207
Shadowy figure in hoodie surrounded by screens and cables, coding on laptop with multiple terminals open.

North Korean Hackers Expand Malicious Package Reach Across Multiple Coding Ecosystems

Beware of the Trojan horse in your code: North Korean hackers have quietly infiltrated multiple package ecosystems, publishing around 1,700 malicious packages that masquerade as legitimate developer tools but act as malware loaders. This sneaky campaign, linked to the Contagious Interview group, puts developers and organizations relying on shared code on high alert.

Analyst 207