
Malicious cargo-env-parser Crate Targets Rust Developers Across All Major Platforms

Malware researcher R136a1 found TeamPCP's fingerprints inside cargo-env-parser v1.0.19, a crate used to parse environment variables, with cross-platform malware dropping on all three major OSes.

Jamie Taylor, 2 min read

A supply chain attack buried inside a routine Rust environment variable parsing library has put developers on all three major operating systems at risk, with malware researcher R136a1 tracing the compromise directly back to TeamPCP, one of the most active and escalating threat actors in open-source infrastructure today.

The poisoned package is cargo-env-parser version 1.0.19, a crate that projects pull in for straightforward environment variable handling. R136a1, posting under the handle @TheEnergyStory, disclosed the find on April 1 and watched it accumulate 43,900 views in short order, a signal of how quickly the Rust security community registered the severity. The attack mechanism is a malicious payload embedded in the crate's pre-build scripts, the build.rs hook that Cargo executes automatically during compilation before a single line of library code runs. That execution happens silently, with no prompts, making it a reliable vector for staging further infection. Once triggered, the script fetches and drops additional malware tailored for Windows, macOS, and Linux.

TeamPCP is not a new name to anyone tracking supply chain threats in 2026. The group, also tracked under the aliases DeadCatx3, PCPcat, and ShellForce, has built a documented record of targeting cloud-native infrastructure: misconfigured Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers have all been prior entry points. This year alone the group compromised Aqua Security's Trivy vulnerability scanner in March, pivoted using stolen GitHub Personal Access Tokens to compromise Checkmarx KICS, and injected infostealer payloads into the popular AI gateway LiteLLM on PyPI. The cargo-env-parser compromise extends that campaign explicitly into the Rust ecosystem.

AI-generated illustration

The crate's stated purpose, parsing environment variables, makes the credential theft angle particularly direct. Any secrets stored in .env files, API keys, tokens, or credentials loaded through environment variables during a build are in scope. R136a1's disclosure advised any project depending on cargo-env-parser to treat its environment variables as already compromised and rotate all credentials without delay. A full technical breakdown, including indicators of compromise and step-by-step mitigation guidance, accompanied the disclosure.

The attack reinforces a structural reality that the Rust community has discussed at length: Cargo's build script system grants arbitrary code execution by design. Pre-build scripts are powerful and legitimate, used across thousands of crates for code generation and system linking, which is exactly why they are an attractive injection point. Auditing direct dependencies for unexpected build.rs additions and locking dependency versions with Cargo.lock are two concrete responses. The RustSec Advisory Database is the authoritative place to watch for formal advisories as the situation develops.
