Bitcoin Core Exposes High-Severity Memory Safety Flaw
Bitcoin Core developers have disclosed a high-severity vulnerability, tracked as CVE-2024-52911, which is the project's first known memory safety flaw that could potentially allow remote code execution. This rare but critical bug was fixed months ago and affects Bitcoin Core releases from 2017 to early 2025.
#MemorySafety #BitcoinCore #Cve202452911 #Vulnerability #RemoteCodeExecution
Warning: CVE-2025-40739 (CWEs: ['CWE-125']) found no CAPEC relationships.
Warning: CVE-2025-40741 (CWEs: ['CWE-121']) found no CAPEC relationships.
C++Now 2026 SESSION ANNOUNCEMENT: Can C++ Become a Memory Safe Language? by Prabhu Missier
https://schedule.cppnow.org/session/2026/can-cpp-become-a-memory-safe-language/
Register now at https://cppnow.org/registration/
Google Bolsters Pixel Security with Rust-Based DNS Parser Integration
Google is taking a significant step to supercharge Pixel device security by integrating a Rust-based DNS parser into the modem firmware of the Pixel 10, leveraging the power of memory-safe code to fortify its software stack. This strategic move underscores the company's commitment to bolstering device security from the ground up.
RE: https://cyberplace.social/@GossiTheDog/116390978622304265
Having worked extensively with world class security engineers, I had the hunch that the Anthropic Mythos scare is more marketing than anything else but seeing It confirmed here is good and deserves boosting. The main takeaway for software engineers with only a passing familiarity for security specifics is that "vulnerability" is a broad concept, forcing a crash *can* be security relevant in some contexts but most often isn't.
For #memorysafety, we consider it a big win if invalid memory access always led to a crash instead of UB. Crashes can be reliably detected and fixed, and not every threat model includes a DOS attack.
Google reveals Pixel 10 modem firmware now uses Rust to reduce baseband security risks
https://fed.brid.gy/r/https://nerds.xyz/2026/04/pixel-10-rust-baseband/
β‘β‘β‘ Lightning Talk Announcement! β‘β‘β‘
β¨ π ππππ-π₯π¦: π π ππ π’π₯π¬-π¦πππ, ππππ ππππ-ππ’π π£ππ§ππππ ππππ π§π¬π£π πππ§πππ§ππ’π‘ πππ’π¦π¬π¦π§ππ - Quentin Jerome 𧩠(@qjerome)
File type detection just got a memory-safe upgrade β in Rust. In this talk, Quentin Jerome shows how Magic-rs brings libmagicβs power to modern, safe code β with Python bindings, a CLI tool called wiza, and real-world compatibility.
Quentin Jerome https://www.linkedin.com/in/quentin-jerome-00a8a074 is a Rust developer at CIRCL. Inspired by his background in incident response and threat detection, he builds open-source security tools to solve practical problems. His main interests include threat detection, bug hunting, and building tools that help the security community.
π
Conference Dates: 6β8 May 2026 | 09:00β18:00
π 14, Porte de France, Esch-sur-Alzette, Luxembourg
ποΈ Tickets: https://2026.bsides.lu/tickets/
π
Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/
#BSidesLuxembourg #Rust #FileDetection #MemorySafety #OpenSource #CyberSecurity
I am able to tolerate rules/discipline when I'm given a good reason for them. And I put higher emphasis on avoiding harming others than myself.
I wish the #Rust book and other sources explained the why of the borrow checker and not just the how. Particularly from a security perspective rather than just a preventing mistakes perspective, because see above. I want to be able to make my own mistakes, but my users deserve secure software.
Analyst207
Annual Computer Security Applications Conference
datatofu
N-gated Hacker News
C++Now
burakemir
NERDS.xyz β Real Tech News for Real Nerds [Unofficial]
BSidesLuxembourg
Light