The Hacker News

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

High-severity TARmageddon flaw (CVE-2025-62518) in Rust’s async-tar libraries enables RCE via header parsing bug.

TARmageddon flaw in abandoned Rust library enables RCE attacks

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code ...
Security Boulevard

Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice

Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because ...

CERT-In Warns Google Chrome Users of High-Severity Remote Code Execution Vulnerability

CERT-In has advised all end users to update to the latest version of Chrome immediately to reduce exposure to potential ...
The Hacker News

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

KrustyLoader, first detailed by Synacktiv in January 2024, is a Rust-based loader previously put to use by a China-nexus ...

Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000

Security researchers collected $792,750 in cash after exploiting 56​​​​​​​ unique zero-day vulnerabilities during the second ...
The Register on MSN

Salt Typhoon hit governments on three continents with SharePoint attacks

Typhoons teaming up Security researchers now say more Chinese crews - likely including Salt Typhoon - than previously ...
SecurityWeek

TARmageddon Flaw in Popular Rust Library Leads to RCE

Vulnerability in the popular Rust library Async-tar could allow attackers to smuggle archive entries and execute arbitrary code remotely.
Cyber Daily

CISA adds Adobe Experience Manager vulnerability to KEV catalogue

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the Adobe Experience ...