Compromised Rust crate onering performs code exfiltration
The compromised onering Rust crate v1.4.1 on crates.io shipped a malicious build.rs that exfiltrates the diff of your latest commit to a hosted Sentry endpoint every time you build. Category…
Read the full articleYou might also wanna read
Rust Security Alert: Phishing Campaign Targets crates.io Users
Empowering everyone to build reliable and efficient software.
Crates.io Targeted by Phishing Attempt Following npm Supply Chain Attack
Earlier this week, an npm supply chain attack. It’s turn for crates.io, the main public repository for Rust crates (packages). The phishing
Rust Programming Language Faces Inevitable Supply Chain Security Threats
An essential part of being able to say "I told you so" is in fact having told you so. Well, here we are. For those living under a rock (luck
crates.io: The Official Rust Package Registry
crates.io serves as a central registry for sharing crates, which are packages or libraries written in Rust that you can use to enhance your
crates.io: The Official Package Registry for Rust Programming Language
crates.io serves as a central registry for sharing crates, which are packages or libraries written in Rust that you can use to enhance your
crates.io: The Official Package Registry for Rust Programming Language
crates.io serves as a central registry for sharing crates, which are packages or libraries written in Rust that you can use to enhance your

Comments
Sign in to join the conversation.
No comments yet. Be the first.