For thirty years, if you wanted to write an operating system kernel, a browser engine, or a database storage layer, the choice was effectively C or C++, and the price of that choice was a standing tax of memory-safety bugs — buffer overflows, use-after-free errors, data races — that security researchers have been finding in the same categories for decades. Rust’s pitch was always that a language could eliminate that entire bug class at compile time, without giving up the performance that made C and C++ non-negotiable in the first place. What’s changed recently is how many teams have stopped treating that pitch as a bet and started treating it as settled.
The clearest signal is who’s adopting it, not just that adoption is happening. Major operating system kernels have merged Rust components into codebases measured in decades of C, a move that would have been unthinkable culturally even five years ago — kernel maintainers are a notoriously conservative crowd, and getting them to accept a second systems language into a single-language codebase took years of incremental trust-building, one small driver at a time.
Security teams are the other major driver, and the data backs up their enthusiasm: internal audits at large software companies have repeatedly found that a disproportionate share of critical security vulnerabilities trace back to memory-safety bugs in C and C++ code — the exact category Rust’s ownership model is designed to make impossible at compile time rather than catch at runtime or, worse, in production. When a government cybersecurity agency starts publishing guidance recommending memory-safe languages by name, that’s not academic interest anymore — that’s a procurement requirement quietly forming.
None of this means C and C++ are going away — there are decades of existing code, an entire hardware ecosystem’s worth of tooling, and plenty of domains where Rust’s learning curve (real, and steeper than most languages) isn’t worth paying today. The realistic shape of the transition is what’s already happening: new critical components written in Rust, old ones rewritten opportunistically when they’d need a rewrite anyway, and the two languages coexisting at the boundary for a very long time.
The bigger cultural shift is what this does to language design conversations generally — memory safety without a garbage collector was considered close to a contradiction in terms for most of the industry’s history. Rust didn’t just win an adoption argument. It changed what the next generation of systems languages will be expected to guarantee by default.

