Crates.io

Stealth Supply Chain Attack: Malicious Rust Crate Used Unpinned Dependency for Silent Payload Upgrades Rust Typosquatting, Unpinned Dependency Attack

Rust Typosquatting, Unpinned Dependency Attack

Stealth Supply Chain Attack: Malicious Rust Crate Used Unpinned Dependency for Silent Payload Upgrades

Do Son December 8, 2025

A popular bioinformatics tool became the latest lure in a software supply chain attack, as threat actors...

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks Rust Crates.io Backdoor, EVM Stealth Loader

Rust Crates.io Backdoor, EVM Stealth Loader

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks

Do Son December 3, 2025

A seemingly innocent utility for Ethereum developers has been unmasked as a sophisticated stealth loader. The Socket...

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys Rust Crypto Stealer, Typosquatting Attack

Rust Crypto Stealer, Typosquatting Attack

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

Do Son September 26, 2025

Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that...