Might’ve introduced openssl into a Rust codebase using rustls because of a C dep. how long until I get the severance package?

CLOUDFLARE BUILT THEIR OWN NGINX IN RUST AND OPEN-SOURCED IT pingora is cloudflare's internal proxy framework, now available for anyone to use it handles 40M internet requests per second in production here's what makes it different: ▫️ written in async rust memory safe, no c/c footguns ▫️ full HTTP/1 and HTTP/2 end-to-end proxying ▫️ tls via openssl, boringssl, rustls, or s2n-tls ▫️ grpc websocket proxying built in ▫️ graceful reload without dropping connections ▫️ pluggable load balancing failover logic ▫️ prometheus observability integrations out of the box the modular crate structure means you can pull in only what you need: pingora-proxy → http proxy logic pingora-cache → caching layer pingora-load-balancing → lb algorithms tinyufo → the caching algorithm powering it all nginx has been the default for years pingora is what happens when you outgrow it at cloudflare scale 26.8k stars on github github.com/cloudflare/pingor…

Ayyy, the rustls issue got fixed 🙌

interesting, turbo remote cache over https://*.workers.dev failed only behind cf warp. idk why but rustls keeps rejecting it while native tls works perfectly fine

stdout lock not being properly released by rustls?

Rustls maintains top performance in Q1 2026 benchmarks against BoringSSL and OpenSSL, with exciting split-mode improvements coming in 0.24. #rustlang #rust

12 packages trending on zorbs.io this Friday. 📦 Top shipments: @crypto/ztls — TLS port of rustls v0.23.23 (↓19) @compress/zstd — zstd v0.13.3 port (↓18) @proto/prost — protobuf v0.13.5 port (↓18) @db/zsql — embedded SQL database (↓16) All pure Zeta. All shipping through the registry. ⬇️ zorbs.io

This week's shipments on zorbs.io: @crypto/ztls — Pure Zeta TLS (port of rustls v0.23.23) ↓19 @compress/zstd — zstd v0.13.3 port ↓18 @proto/prost — protobuf v0.13.5 port ↓18 @db/zsql — embedded SQL database ↓16 @crypto/bsv58 — BSV Base58 codec ↓9 12 trending packages, 167 total downloads. All pure Zeta. Ship through the registry.

New packages hitting @zorbs_io this week 🚀 @encoding/bincode — 19↓ (bincode v1.3.3 port) @compress/zstd — 17↓ (zstd v0.13.3 port) @crypto/ztls — 17↓ (pure Zeta TLS from rustls) @proto/prost — 17↓ (protobuf v0.13.5 port) @db/zsql — 16↓ (embedded SQL database) 12 trending packages, 162 total downloads. All pure Zeta. zorbs.io

🦀 Pure-Rust TLS stack (Rustls) for seamless cross-compilation 📦 Explicit versioned container tags (no more pinning to :latest) 🔒Hardened supply chain security (Cosign, SBOMs, GPG detached signatures) 🛠️ Zero-friction maintainer version-bumping tooling

⚡ rustls backend silently ignores CURLOPT_CRLFILE when native CA store is active 👨🏻‍💻 giant_anteater ➟ curl ⬜ None 💰 None 🔗 hackerone.com/reports/373493… #bugbounty #bugbountytips #cybersecurity #infosec

New #macOS #Stealer in pure #Rust 🦀 🤦‍♂️ Dev forgot to strip TOML defaults from __const: -- author = "SysAdmin Team" -- service_name = "com.sysmonitor.agent" 🧬 Crate: sysmonitor::services::{grabber,searcher,tdata,telegram,keylogger} 🧱 Tokio rustls native LevelDB 💼 Targets corporate infra → .terraform .kube .helm .azure .docker 🐌 Playing the long game → grabber waits 24h before re-collecting 🤿 Deeper dive: x.com/moonlock_lab/status/20…

2/ The binary is a 4.4 MB unsigned x86_64 Mach-O, compiled in Rust with a Tokio async runtime, rustls TLS, and a full LevelDB client. The binary installs itself to: ~/Library/Application Support/SysMonitor/bin It writes and loads its own plist, redirecting stdout/stderr to /dev/null to stay invisible. Survives reboots.

We love rustls

does it have any edge over rustls ?

chromium is literally working on a rustls crypto provider because of the constant stream of non-crypto related vulnerabilities coming out of these libraries bro

rustls, btw.

Why you should be getting into Qubetics now, before the market prices in the tech they have built. $TICS #Qubetics #Bitcoin #chainabstraction I went deeper than a whitepaper. I pulled apart the actual Qubetics MPC node binary. Not the pitch deck. Not the roadmap. The most recent (March 10th) compiled binary — 52MB of Rust. Here's what's inside, and why it matters. What it actually does The mpc-node is the engine behind Qubetics' Chain Abstraction Protocol. When you move BTC to the TICS chain, or sign a transaction through a single universal identity across multiple blockchains, this is the software making it cryptographically safe to do so. The architecture is serious: - Distributed Key Generation (DKG) — a full private key never exists on any single machine. Key shares are generated and distributed across the validator set from the start. - VRF-based signer selection — a Verifiable Random Function picks which nodes participate in each signing round. Unpredictable, non-collusive by design. - Threshold ECDSA Ed25519 — supports both Bitcoin/EVM signing (secp256k1) and other chains (Ed25519), with nonce management baked in. - libp2p networking — Gossipsub for message propagation, Kademlia DHT for peer discovery, QUIC transport with mTLS everywhere. No cleartext P2P. - RocksDB persistence — signing state, DKG shares, and user intents survive node restarts. - On-chain solver contracts — transaction routing and validation tied to a registered, auditable solver network. Source paths in the binary also show handlers already written for Bitcoin, EVM, and the native TICS chain — with Cosmos, Solana and others clearly in the pipeline. Is this a game changer for bridge exploits? The honest answer: architecturally, yes. In practice, it depends on execution. Every major bridge hack follows the same pattern — Ronin, Wormhole, Nomad — an attacker compromises one thing: a private key, a small multisig, a contract flaw. The entire security model collapses at a single point. Qubetics flips that model. There is no single key to steal. The DKG means the key never exists whole. The VRF means an attacker can't predict which nodes to target in advance. To forge a signature, you'd need to compromise a threshold of randomly-selected nodes simultaneously, within a narrow signing window. That's a fundamentally different attack surface — and a dramatically harder one. The caveats matter though. The node operator set needs to be genuinely decentralized. The DKG parameters need to be set conservatively. The MPC protocol itself needs independent cryptographic auditing, and this has already been done by Certik. The binary I examined is still a development build — full debug symbols, source paths intact — which means the latest version will soon be pushed to github. But the foundation is sound. What this means for Qubetics The binary tells a better story than any pitch ever could. 94,000 compiled symbols. Well-audited cryptographic libraries (secp256k1, ring, curve25519-dalek, rustls). TLS everywhere. No homebrew crypto. A team that clearly understands they're building critical financial infrastructure, not just another token. The addressable problem is enormous. Billions continue to be lost to bridge exploits every year. Every multi-chain protocol in DeFi wrestles with the same fundamental vulnerability Qubetics is solving at the protocol level. If the MPC network reaches sufficient scale and decentralization, TICS stops being just a blockchain token and starts being the fee and staking asset of cross-chain security infrastructure. That's a very different market cap conversation. The code is real. The architecture is right. Execution is everything from here. --- *Analysis based on direct binary inspection of the mpc-node ELF executable. Not financial advice. Do your own research.*

Just released #rustlang reqwest v0.13.3 🦀 🚀 - Updates for rustls. - Improve logging and fallbacks for DNS resolver. - Several HTTP/3 bug fixes. github.com/seanmonstar/reqwe…