A phishing attack targeted crates.io maintainers through fake emails leading to fraudulent GitHub login pages. The crates.io team acknowledged the incident and is investigating. No compromised packages have been identified yet, but the attack follows a similar pattern to recent npm supply chain attacks.
Sort: