RubyGems Suspends New Signups Following Mass Malicious Package Injection
-
RubyGems suspended new account registrations after attackers uploaded hundreds of malicious packages containing exploits to the repository.
**If you're a Ruby developer, audit your Gemfile.lock for any unfamiliar or recently added dependencies and run bundle-audit to scan for known vulnerabilities. Avoid installing or updating gems until RubyGems confirms the cleanup is complete, and treat any new dependency added in the last few days with extra suspicion.**
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/rubygems-suspends-new-signups-following-mass-malicious-package-injection-x-e-f-z-2/gD2P6Ple2L -
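One way to act on the Gemfile.lock advice above, as an added example that is not part of the original post: a Ruby script that diffs a known-good Gemfile.lock against the current one and flags gems that were added, changed version, or resolve from a remote outside an allowlist. Both sample lockfiles, the `example.invalid` remote and the `rack-helper` gem name are constructed for illustration.

```ruby
# Added example, not code from the original post; both lockfiles below are constructed.
# Parse GEM sections into { name => { version:, remote: } }: gems are the 4-space
# "name (version)" lines under specs:; 6-space lines are a gem's own requirements.
def parse_lock_specs(text)
  specs, remote, in_gem = {}, nil, false
  text.each_line(chomp: true) do |line|
    if line.match?(/\A[A-Z][A-Z ]*\z/)          # section header: GEM, PLATFORMS, ...
      in_gem = (line == "GEM")
    elsif in_gem && (m = line.match(/\A  remote: (\S+)\z/))
      remote = m[1]                              # each GEM block names its source
    elsif in_gem && (m = line.match(/\A    (\S+) \(([^)]+)\)\z/))
      specs[m[1]] = { version: m[2], remote: remote }
    end
  end
  specs
end

# Diff a known-good lockfile against the current one: gems that appeared, gems
# whose version changed, and gems served from a remote that is not allowlisted.
def audit_lock(baseline_text, current_text, allowed_remotes:)
  base, cur = parse_lock_specs(baseline_text), parse_lock_specs(current_text)
  changed = cur.filter_map do |name, spec|
    old = base.dig(name, :version)
    [name, old, spec[:version]] if old && old != spec[:version]
  end
  foreign = cur.reject { |_, spec| allowed_remotes.include?(spec[:remote]) }.keys
  { added: (cur.keys - base.keys).sort, changed: changed.sort, unexpected_remote: foreign.sort }
end

BASELINE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      rack (3.0.8)
LOCK

# Constructed "after" state: rack bumped, and a new gem resolved from an unknown remote.
CURRENT_LOCK = <<~LOCK
  GEM
    remote: https://example.invalid/
    specs:
      rack-helper (0.1.0)
        rack (>= 3.0)

  GEM
    remote: https://rubygems.org/
    specs:
      rack (3.0.9)
LOCK
puts audit_lock(BASELINE_LOCK, CURRENT_LOCK, allowed_remotes: ["https://rubygems.org/"])
```

In practice the baseline is the lockfile from your last reviewed commit (for example via `git show <ref>:Gemfile.lock`), and anything in `added` or `unexpected_remote` is what to review by hand before installing.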
-
@beyondmachines1 does this apply only if you missed switching over to gem.coop or is that affected as well?
@jschwart no reports on gem.coop.
RubyGems was quite loud about this, and we can't find whether gem.coop uses the same files published to RubyGems... The safest approach is to still do the same level of review as if gem.coop had been attacked.