2 New RubyGems laced with cryptocurrency stealing malware taken down

This month, RubyGems removed 2 gems from its open source software repository that contained malicious code. These gems, tracked as sonatype-2020-1222 by us, are:

Nexus Intelligence Insights: Protect Your Bitcoins from 700+ Malicious RubyGems with sonatype-2020-0196

Last week news broke about how 700 typosquatting libraries had made their way into the famous RubyGems repository. The complete list, first published by Reversing Labs, reveals how crafty attackers can take advantage of the open source software su…

Bitcoin Stealers Hide in 700+ Ruby Developer Libraries

Cybercriminals uploaded typosquatted malicious libraries to RubyGems, which contains open-source components that are used as basic application building blocks by software developers.

Hackers use typosquatting to trojanize 700 libraries in Ruby Repository

By Sudais Asif
In the traditional sense, we usually come across typosquatting in the form of attackers creating misspelled domain names…
This is a post from HackRead.com.

760+ malicious packages found typosquatting on RubyGems

Researchers have discovered over 760 malicious Ruby packages (aka “gems”) typosquatting on RubyGems, the Ruby community’s gem repository / hosting service. The discovery ReversingLabs analysts wanted to see how widespread the practice of pa…

Anatomy of the RubyGems ‘rest-client’ hack, and getting creative about open source security

Over the last several years, we’ve been raising awareness of breaches to popular open source software components and the worrying trend that they are more frequently being attacked at the source – bad actors are growing bolder and the veloci…