A phishing attack targeting crates.io, the main Rust package repository, was detected through emails directing maintainers to a fake GitHub login page. The crates.io team has acknowledged the situation, with no compromised packages identified as of September 12th UTC.

https://fasterthanli.me/articles/crates-io-phishing-attempt

#security #rust #phishing #packageregistry #github