advisory-db icon indicating copy to clipboard operation
advisory-db copied to clipboard
verified publisher icon rustsec

Category for malicious information stealing?

Open carols10cents opened this issue 1 month ago • 1 comments

I'm working on filing advisories for crates we've recently removed from crates.io. These crates were intentionally malicious and attempting to exfiltrate information, including cryptocurrency private keys and API tokens. Should there be a category (or categories) for this?

carols10cents avatar Dec 05 '25 18:12 carols10cents

Seems okay to me. Not sure whether it should be more specific (exfiltration) or wider (malicious)?

djc avatar Dec 08 '25 09:12 djc