Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

Malicious Rust packages on Crates.io steal crypto wallet keys

Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal ...
InfoWorld

Rust 1.90 brings workspace publishing support to Cargo

Rust developers now can automatically publish all crates in a workspace in the correct order, without manually ordering ...
The Hacker News

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased ...

5 of my favorite Linux distros ready to use out of the box - no setup required

These distros are easy to install, include the right apps, skip the bloat and ads, and automatically detect your hardware. Easy peasy. You're welcome.
PC Magazine

Ready for Windows 11? 3 Ways to Upgrade for Free (And 1 Option for Incompatible PCs)

Whether or not your Windows 10 computer is eligible for a Windows 11 upgrade, there are a few ways to jump to Microsoft's newer OS without paying for it. Our team tests, rates, and reviews more than 1 ...