Malicious Code Lodged in Ruby strong_password Library
By A developer named Tute Costa revealed that an update issued for the ‘strong_password’ Ruby gem contained malicious code that enabled an attacker to remotely perform random code. The developer was updating gems used by a Rails application when he observed that version 0.0.7 of strong_password was pushed out on RubyGems.org, the Ruby Continue Reading