Safeguard
Tag

rust

Safeguard articles tagged "rust" — guides, analysis, and best practices for software supply chain and application security.

39 articles

Vulnerability Guides

Buffer Overflow Vulnerabilities: A Practical Guide

Buffer overflows write past the end of a memory buffer, corrupting adjacent data and often reaching code execution. Here is how they work and how to prevent them.

Jul 8, 20266 min read
Security Guides

Auditing Rust Dependencies with cargo-audit

cargo-audit checks your Cargo.lock against the RustSec Advisory Database, flagging vulnerable, yanked, and unmaintained crates. Here is how to use it and extend it.

Jul 3, 20265 min read
Supply Chain Security

IronWorm: A Rust eBPF Rootkit Worm Hits the npm Supply Chain

IronWorm is a compiled Rust npm worm with a kernel-level eBPF rootkit, Tor C2, and OIDC-based self-propagation. It is the engineering ceiling of 2026 software supply chain attacks — and it carries no CVE.

Jun 22, 20267 min read
Open Source Security

crates.io's Security Team in 2026: Response Workflow, Notification Policy Change, and the Alpha-Omega Investment

After the September 2025 phishing wave and the December evm-units removal, the crates.io team announced a notification policy update in February 2026 and the Rust Foundation deployed crate-scanning infrastructure funded by Alpha-Omega.

Mar 12, 20267 min read
Open Source Security

cargo-audit and cargo-deny: A Real Workflow

A senior-engineer-grade workflow for using cargo-audit and cargo-deny together, with realistic policy decisions and the mistakes teams repeat.

Feb 20, 20267 min read
Application Security

Reachability Analysis for Rust and Cargo in 2026

How reachability analysis cuts noise for Rust services: cargo features, conditional compilation, RustSec advisories, and the tools that handle Rust well.

Feb 11, 20266 min read
Industry Analysis

Rust memory safety vulnerabilities despite the borrow che...

The borrow checker doesn't stop everything. Here's how rust unsafe code vulnerabilities slip past Rust's safety guarantees and reach production.

Feb 6, 20267 min read
Open Source Security

Rust crates.io Supply Chain Controls in 2026

crates.io has gained real supply chain features over the past two years. Here is an honest read on what works, what is still immature, and where to invest.

Feb 2, 20266 min read
Industry Analysis

SQL Injection Prevention in Rust with sqlx

sqlx blocks SQL injection by default with compile-time query checks and bind parameters — but format!() and raw SQL calls can still reopen the gap. Here's how to audit for it.

Oct 25, 20257 min read
Industry Analysis

Path Traversal Prevention in Rust with fs::canonicalize

fs::canonicalize resolves `..` and symlinks into one absolute path, but it can't fix TOCTOU races, missing files, or Windows prefix quirks on its own. Here's the safe pattern.

Oct 23, 20257 min read
Open Source Security

faster_log and async_println: Rust's First Public Wallet-Stealing Crates

On September 24, 2025, crates.io removed faster_log and async_println — Rust typosquats that had quietly stolen Ethereum and Solana keys from 8,424 downloads since May.

Sep 30, 20255 min read
Open Source Security

How Snyk Open Source analyzes Cargo.lock for Rust depende...

How Snyk Open Source parses Cargo.lock, matches resolved crate versions against RustSec advisories, and handles Rust workspaces -- a mechanical breakdown of its documented approach.

Aug 29, 20257 min read
rust — Safeguard Blog