{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidexy5mup23z3gibndhd5npn2hjbq2n2avyydy3dwurjwuy4dxx7e",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mgrch4zp3n72"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiejl72nqriy4bcfhzdqd2zjjekinhab4joibl5psttyzrenwwirze"
    },
    "mimeType": "image/jpeg",
    "size": 172839
  },
  "path": "/2026/03/five-malicious-rust-crates-and-ai-bot.html",
  "publishedAt": "2026-03-11T05:12:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors.\nThe Rust packages, published to crates.io, are listed below -\n\nchrono_anchor\ndnp3times\ntime_calibrator\ntime_calibrators\ntime-sync\n\nThe crates, per Socket, impersonate timeapi.io and were published between late February and early March",
  "title": "Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets"
}