Port 22

Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines

A case of software supply chain attack has been observed in the Rust programming language’scrate registrythat leveraged typosquatting techniques to publish a rogue library containing malware. Cybersecurity firm SentinelOne dubbed the attack “CrateDepression.” Typosquatting attackstake placewhen an adversary mimics the name of a popular package on a public registry in hopes that developers