Backdoored Ruby gems stole credentials, injected cryptomining code

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject malware and mining software through Trojanized gems. What happened? Two days ago, … Continue reading Backdoored Ruby gems stole credentials, injected cryptomining code

Backdoor vulnerability in open source tool exposes thousands of apps to remote code execution

Roughly 28 million users have downloaded a malicious version of a popular open source framework that masquerades as the real thing, but in fact gives a hackers a back door into applications. A compromised version of the website development tool bootstrap-sass was published to the official RubyGems repository, a hub where programmers can share their application code. The open source security firm Snyk alerted developers to the issue Wednesday, advising users to update their systems away from the infected framework (version 3.2.0.3). “That doesn’t mean there are something like 27 million apps out there using this,” said Chris Wysopal, chief technology officer at app security company Veracode. “[But] when you’re using open source packages to build your applications, you’re inheriting many of the vulnerabilities. … But bootstrap-sass is a popular component used by enterprises and startups so there’s potentially thousands of applications affected by this.” While the vulnerability is serious — hackers […]

The post Backdoor vulnerability in open source tool exposes thousands of apps to remote code execution appeared first on CyberScoop.

Continue reading Backdoor vulnerability in open source tool exposes thousands of apps to remote code execution