No REST for the wicked: Ruby gem hacked to siphon passwords, secrets from web devs

20 August 2019

An old version of a Ruby software package called that was modified and released about a week ago has been removed from the Ruby Gems repository – because it was found to be deliberately leaking victims’ credentials to a remote server. Jussi Koljonen, a developer with Visma in Helsinki, Finland, discovered the hacked code in , and opened an issue to discuss the matter on the GitHub repo for the software.

Read full article on The Register

Date:

20 August 2019

Categorie(s):

NEWS

Tag(s):

Programming, Programming Languages, Ruby

Celebrating our 12th Anniversary at RSA conference 20245 May 2024
Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024