
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors.
The Rust packages, published to crates.io, are listed below -
chrono_anchor
dnp3times
time_calibrator
time_calibrators
time-sync
The crates, per Socket, impersonate timeapi.io and were published between late February and early March
View the full article
Recommended Comments
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.