Security Feed
  1. Archives

May 08 2022 Check your gems: RubyGems fixes unauthorized package takeover bug

Source

The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious versions with the same file names and version numbers. [...]

Posted by Ax Sharma on Sun 08 May 2022 in BleepingComputer.

Tags: Security.

Categories

  1. 12
  2. Ars Technica
  3. AWS Security
  4. BleepingComputer
  5. Brian Krebs
  6. Bruce Schneier
  7. GCP Security
  8. Google Project Zero
  9. Mozilla Security
  10. The Daily Swig
  11. The Guardian
  12. The Register
  13. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Web Security
  • malware
  • vulnerabilities
  • Security, Identity, & Compliance
  • Microsoft
  • Security Blog
  • Biz & IT
  • privacy
  • hacks
  • Identity & Security
  • Google
  • Government
  • Foundational (100)
  • Announcements
  • Security & Identity
  • Cloud security
  • CryptoCurrency
  • hacking
  • Data and computer security
  • Technology
  • Intermediate (200)
  • A Little Sunshine
  • Technical How-to

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.