Personally I strip the DRM of all the ebooks and movies I buy (not rent of course).

Enough with the "bought, but actually renting with an undetermined end date".

Was looking at this the other night but didn't have enough skin in the game to reliably blindly-trust external tools to do this for me - I expect that something designed to circumvent encryption is going to come with a very high malware risk.

Any resources/tools/tutorials you'd recommend?

Generally speaking, people use the DeDRM plugin for Calibre. Link omitted for legal reasons.

Legal reasons? Seriously, has the DRM mafia cowed people so much? What the hell is wrong with sharing public software tools with others?

Here's one option you might try (no connection to it but it seems to be one of the most recently usable, trustworthy versions) https://github.com/noDRM/DeDRM_tools