Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and they’re using typosquatting code to do it. This post appeared first on Naked Security…
Browsing Category: RubyGems
Backdoor discovered in Ruby strong_password library
An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength. This post appeared first…
RubyGems strong_password Library Hijacked by Threat Actors
Ruby users who updated to strong_password gem version 0.0.7 are urged to roll back to the previous versions after a developer discovered malicious code in the gem. The developer…
Bootstrap supply chain attack is another attempt to poison the barrel
Somebody smuggled something bad into the vast third-party, open-source supply chain we all depend upon. This post appeared first on Naked Security Blog by Sophos. Author: Lisa Vaas