#memorysafety — Public Fediverse posts

Warning: CVE-2025-40739 (CWEs: ['CWE-125']) found no CAPEC relationships.
Warning: CVE-2025-40741 (CWEs: ['CWE-121']) found no CAPEC relationships.

#SoftwareSecurity #MemorySafety #CWE #ADBE
2/2

Warning: CVE-2025-40739 (CWEs: ['CWE-125']) found no CAPEC relationships.
Warning: CVE-2025-40741 (CWEs: ['CWE-121']) found no CAPEC relationships.

#SoftwareSecurity #MemorySafety #CWE #ADBE
2/2

Ah yes, the thrilling world of #FilC, where we simplify a "memory safe" version of C by rewriting everything with the grace of a toddler with finger paints. 🎨💻 Because nothing says #innovation like rehashing old concepts with more buzzwords than a Silicon Valley power lunch. 🚀
https://www.corsix.org/content/simplified-model-of-fil-c #MemorySafety #CProgramming #TechBuzz #HackerNews #ngated

Google reveals Pixel 10 modem firmware now uses Rust to reduce baseband security risks

https://fed.brid.gy/r/https://nerds.xyz/2026/04/pixel-10-rust-baseband/

This week on #OpenSourceSecurity I chat with @djc and @ctz about #Rustls. A lot has happened with Rustls in the last few years (and there's a lot more to come). Writing a TLS implementation is incredibly complicated, even when you don't have to worry about memory safety

https://opensourcesecurity.io/2025/2025-12-rustls-dirkjan-joe/

#TLS #Rustls #Rust #MemorySafety

"#Exclaves land in MacOS

Nobody is really surprised that the MacOS 26.0.1 firmware image of the about to be released MacBook Pro #M5 reveals that Memory Integrity Enforcement (#MIE) on top of the ARM64 Enhanced Memory Tagging Extension (#EMTE) is used. Extremely surprising is however that Apple is now shipping the Secure Kernel (#SK) and #ExclaveCore / #ExclaveOS with MacOS. This means Apple's newest security boundary #Exclaves has finally arrived in MacOS."

https://www.linkedin.com/posts/stefan-esser-903582240_exclaves-m5-mie-activity-7384980813031043073-EfhS

#MTE #MemorySafety #ExploitMitigation

Rust continues to reshape Android’s security posture.

Google reports memory-safety bugs are now under 20%, backed by:
• 1000× reduction in memory-safety bug density vs C/C++
• 4× fewer rollbacks
• Faster reviews + fewer revisions
• Rust moving deeper into kernel, firmware & Android’s security-sensitive apps
A recent “near-miss” RCE (CVE-2025-48530) in unsafe Rust was mitigated by Scudo before reaching public release.

Thoughts from the AppSec community?
Follow @technadu for more unbiased cybersecurity reporting.

#RustLang #MemorySafety #AndroidSecurity #AppSec #InfoSec #DevSecOps #SecureCoding #TechNadu

🧠💥 "Memory Safety for Skeptics" is here to convince you that worrying about your software's memory safety is just as thrilling as watching paint dry. 🎨😴 Despite #Rust being hailed as the knight in shining armor for this cause, it's really just a hipster language trying to make buffer overflows feel passé. 🛡️📉
https://queue.acm.org/detail.cfm?id=3773095 #MemorySafety #Skeptics #Programming #BufferOverflows #SoftwareDevelopment #HackerNews #ngated

Memory Safety for Skeptics

https://queue.acm.org/detail.cfm?id=3773095

#HackerNews #MemorySafety #Skeptics #Cybersecurity #SoftwareDevelopment #ACMQueue

Ah, the elusive hunt for the Holy Grail of bug-free JIT compilers—where "memory safety" is the unicorn 🦄 and Mike Hearn is the brave knight in digital armor ⚔️. It's a thrilling 10-minute epic where you learn that the real exploit was the memory leaks we made along the way. 🚀
https://medium.com/graalvm/writing-truly-memory-safe-jit-compilers-f79ad44558dd #bugfreeJIT #memorysafety #MikeHearn #digitalarmor #memoryleaks #techadventure #HackerNews #ngated

“half of tracked security vulnerabilities are not possible in Rust”
- - tpo/core/arti

#oniux
has anyone tested with #Wireshark ?
#audit
But you can verify oniux bash with curl. With

→ oniux bash each time in a new tab in terminal ←

you will have stream isolated the application with a new exit IP (tor circuit), new ephemeral PID.

Nothing like nyx to test without the control port, but a rs network analysis tool could.
#StreamIsolation #MemorySafety #Rustlang #Kernel #tun

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay

Memory Safety Features in Zig

https://gencmurat.com/en/posts/memory-safety-features-in-zig/

#HackerNews #MemorySafety #ZigProgramming #SecureCoding #RustComparison

In #RDM we too often take the technical layers that ensure privacy and integrity of data exchange for granted, despite dozen of critical incidents over the last years. We therefore welcome the recent decision of the German @sovtechfund to fund the ISRG's #Prossimo project with 1.5 MEUR to reduce attack surfaces in important components like #TLS libraries:

https://www.memorysafety.org/blog/1.5m-from-sovereign-tech-fund/

#ISRG #Rustls #memorysafety

Our #BGP #routing team will be available at #RIPE86 as well:
🛰️ Excited by our #OpenSource modular #BGP toolkit Rotonda? It's written in #rustlang too, making it insanely fast while providing #MemorySafety. Talk to @jasper, Luuk or Ximon about our imminent launch.
🦐 Meanwhile, we’ve been cooking up #ASPA support to compliment #BGPsec in Krill, our #RPKI CA software. Tim can tell you all about it, along with our future plans.

›They Have Played Us #Programmer|s for Absolute #Fool|s‹

🧷 https://www.youtube.com/watch?v=QTiAWZ1YfzI&t=217s

🌺

🏷️ #Lisp #Scheme #CommonLisp #CPP #Rust #DennisRitchie #BrianKernighan #BjarneStroustrup #CLang #Rustacean #MetaProgramming #Risitas #JohnMcCarthy #Unix #Pipes #Segfault #NullPointer #UndefinedBehaviour #GarbageCollection #MemoryManagement #BellLabs #ObjectSystem #FunctionalProgramming #Syntax #Rustaceans #MemorySafety #ElRisitas #CLOS #AMOP