Threat Post

RubyGems Patches Serious Redirection Vulnerability

RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server. RubyGems make life easier for ...
Bleeping Computer

Check your gems: RubyGems fixes unauthorized package takeover bug

RubyGem developers can audit their application history for possible past exploits by reviewing their Gemfile.lock and searching for gems that had their platform changed with version numbers remaining ...