May 09, 2022
RubyGems supply chain rip-and-replace bug fixed – check your logs!
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
Naked Security

April 23, 2020
Trove of RubyGems malware highlights software supply chain issues
Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and they're using typosquatting code to do it.
Naked Security

July 09, 2019
Backdoor discovered in Ruby strong_password library
An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.
Naked Security

April 08, 2019
Bootstrap supply chain attack is another attempt to poison the barrel
Somebody smuggled something bad into the vast third-party, open-source supply chain we all depend upon.
Naked Security