Security News

Backdoor discovered in Ruby strong_password library
2019-07-09 14:11

An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.

Malicious Code Planted in 'strong_password' Ruby Gem
2019-07-08 15:23

A developer discovered that an update released for the 'strong_password' Ruby gem contained malicious code that allowed an attacker to remotely execute arbitrary code.

Facebook Delegated Account Recovery SDKs Published for Java, Ruby Apps (Threatpost)
2017-04-18 17:45

At F8 today, Facebook released SDKs and documentation for the integration of Delegated Account Recovery into Java, NodeJS and Ruby applications.

Scan Ruby-based apps for security issues with Dawnscanner (Help Net Security)
2016-10-12 13:55

Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis: Its developer, Paolo Perego, says that he was...