The Hacker News
@thehackernews
⚠️ Five Rust crates on crates-io posed as time tools but secretly stole dev secrets.
They targeted .env files, siphoning API keys and tokens from developer machines and CI pipelines.
Removed now, but stolen credentials may still be active.
�� Read → https://thehackernews.com/2026/03/five-malicious-rust-crates-and-ai-bot.html
They targeted .env files, siphoning API keys and tokens from developer machines and CI pipelines.
Removed now, but stolen credentials may still be active.
�� Read → https://thehackernews.com/2026/03/five-malicious-rust-crates-and-ai-bot.html
👍 10
⚡ 2
🔥 1
21 8.9K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram