Backdoor discovered in Ruby strong_password library

An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.

This post appeared first on Naked Security Blog by Sophos
Author: John E Dunn