DARPA suggests turning old C code automatically into Rust – using AI, of course

August 3, 2024 at 06:08AM

DARPA is pushing TRACTOR, a program to automatically convert legacy C code to Rust for improved memory safety. Tech giants support the move away from C/C++ due to memory safety bugs. While some argue for maintaining C/C++ standards, DARPA is focused on automating the transition to Rust for increased security. …

CISA Flags Memory-Unsafe Code in Major Open Source Projects

June 28, 2024 at 01:28PM

A new study reveals the widespread and concerning use of memory-unsafe code in major open source software projects, leading to common security issues. Despite this insight, immediate changes are unlikely due to the complexity and cost of rewriting code entirely in memory-safe languages. The report’s findings align with previous studies, …

‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages

April 12, 2024 at 07:36AM

Multiple programming languages are affected by a serious vulnerability, ‘BatBadBut’, which allows command injection in Windows applications due to improper escaping of command arguments when executing batch files. The flaw, affecting languages’ runtimes, enables attackers to inject commands into Windows applications. Some affected languages have issued patches, but successful exploitation requires …