Ruby

Researchers have uncovered three serious vulnerabilities in Rack, a server interface used by most Ruby web app frameworks (Ruby on Rails, Sinatra, Hanami, Roda, and others). …

Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a …

Ruby announced the close of a $7.3 million round of funding with participation from venture capital funds Digital Strategies, DFG Group, SigNum Capital, D1 Ventures, Global …

HackerOne announced the next evolution of the Internet Bug Bounty (IBB) program at the company’s annual Security conference. The IBB’s mission is to secure open source by …

Granulate announced the latest addition to its gProfiler, which now provides support to Graviton processors. With this new addition to gProfiler, organizations running …

Granulate released new Kubernetes filters feature to the company’s gProfiler. gProfiler is an open-source production profiling solution that measures the performance of code …

Sentry announced new and enhanced platform capabilities designed to improve developer workflows and productivity by making it easier to find and resolve the issues that really …

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …

An arbitrary file overwrite vulnerability that can be exploited by attackers to achieve code execution on a target system affects a myriad of projects and multiple ecosystems, …

Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …

Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …