12 matches found
`logflux` was removed from crates.io for malicious code
The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...
`exploration` was removed from crates.io for malicious code
A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...
`sui-execution-cut` was removed from crates.io for malicious code
sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...
`dnp3times` was removed from crates.io due to malicious code
The dnp3times crate attempted to exfiltrate .env files to a server that was in turn impersonating the legitimate timeapi.io service. It was loosely trying to typosquat the dnp3time crate, but otherwise was the same attack as the timecalibrator and timecalibrators malware yesterday. The malicious...
RUSTSEC-2025-0151 `sha-rst` was removed from crates.io for malicious code
This crate was used as a dependency by finchclirust and finch-rst and contained a malware payload to exfiltrate credentials. The malicious crate had 1 version published on 2025-12-08 and had been downloaded 22 times. Other than the other crates above that were part of the attack, no other crates...
`statsrelay-protobuf` was removed from crates.io for malicious code
statsrelay-protobuf was part of a campaign that attempted to exfiltrate environmental data from the host. The malicious crate had 1 version published in August 2025, and had no evidence of actual usage. This crate had no dependencies on crates.io...
RUSTSEC-2023-0124 `bit-flags` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user alexrichton to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...
RUSTSEC-2023-0121 `libusb1-main` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
`windows-service-rs` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
RUSTSEC-2023-0120 `windows-service-rs` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
RUSTSEC-2023-0109 `win-crypto` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
RUSTSEC-2023-0103 `postgress` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...