CYBERSECURITY researchers uncovered five malicious Rust crates masquerading as time utilities to exfiltrate .env data from developer environments. The crates—chrono_anchor, dnp3times, time_calibrator, time_calibrators, and time-sync—were published to crates[.]io between late February and early March 2026 and impersonate timeapi[.]io, with exfiltration tied to a single threat actor based on the uniform methodology and domain disguise.
Chrono_anchor in particular hides its data-stealing logic in a guard[.]rs file invoked by an optional sync function to avoid tipping off developers, and the campaign repeatedly targets .env secrets whenever CI workflows run the malicious code.
In parallel, an AI-powered bot named hackerbot-claw exploited public GitHub Actions workflows, scanning at least seven repositories including aquasecurity/trivy, to steal a Personal Access Token and push a malicious VS Code extension to Open VSX, enabling local AI agents to exfiltrate data; the attackers used highly permissive AI tooling and then moved secret data to a private repository.
According to Socket, the campaign demonstrates how low‑complexity supply‑chain malware can deliver high impact within developer workspaces and CI jobs, and CVE-2026-28353 has been issued in relation to Aqua Security’s Trivy extension incident. Between February 21 and 28, 2026, the attacker’s activity targeting notable projects underscores the need to audit CI/CD credentials and restrict outbound access.