🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

cargo-audit v0.12.0 is out with some minor fixes, including git2 crate updates which should make it easier to install: github.com/RustSec/cargo-…

We've posted a retrospective on RUSTSEC advisories filed in April 2020: - rusqlite - os_str_bytes - flatbuffers - fake-static - plutonium reddit.com/r/rust/comment…

The Rust team was notified of a vulnerability affecting crates.io API tokens generation and storage, and out of aboundance of precaution we revoked all existing tokens. Learn more on the advisory: blog.rust-lang.org/2020/07/14/cra…

RUSTSEC-2020-0036: failure is officially deprecated/unmaintained rustsec.org/advisories/RUS…

Introducing `auditable`: audit compiled Rust Language binaries against security advisories in the @RUSTSEC database: reddit.com/r/rust/comment…

My team's first release since I joined GitHub is out today, and my first GitHub blog is live! Thanks so much to the RustSec community for collaborating to bring curated Rust security advisories to the GitHub Advisory Database! github.blog/2021-09-23-git…

The rustsec.org web site now features severity information for each security advisory

We have a security advisory for rustc today: blog.rust-lang.org/2021/11/01/cve… We will have a 1.56.1 release out soon.

The std::fs::remove_dir_all function in the Rust standard library is vulnerable to a race condition (CVE-2022-21658). We will release Rust 1.58.1 with the fix later today. Read the advisory: blog.rust-lang.org/2022/01/20/cve…

The regex crate is vulnerable to denial of service attacks when parsing untrusted regexes (CVE-2022-24713). We released version 1.5.5, fixing the issue. Read the advisory: blog.rust-lang.org/2022/03/08/cve…

A malicious crate was uploaded to crates.io, targeting GitLab CI environments. Read more on the security advisory: blog.rust-lang.org/2022/05/10/mal…

blog.logrocket.com/comparing-rust… Comparing Rust supply chain safety tools

Rust is the fastest growing language on GitHub, and GitHub’s supply chain security features now help keep your Rust projects secure 🔒 github.co/3tiGH9E