Solarwinds, Wirespeed & More | Learn how businesses rely on RL for file & Software Security
Customer Stories
The CISO Survival Guide: Operationalizing Third-Party Software Risk Management
Download Now
Your Go-To-Guide: Software Supply Chain Security for Dummies
Get the Guide
April 22, 2020

Security industry responds to Supply Chain repo risks

ReversingLabs research on typosquatting garners RubyGems coverage

See Additional RubyGems Research Coverage

Digital Munition:
https://www.digitalmunition.me/clipboard-hijacking-malware-found-in-725-ruby-libraries/

Ars Technica:
https://arstechnica.com/information-technology/2020/04/725-bitcoin-stealing-apps-snuck-into-ruby-repository

The CyberWire:
https://thecyberwire.com/newsletters/daily-briefing/9/74

Help Net Security:
https://www.helpnetsecurity.com/2020/04/17/typosquatting-rubygems/

HackRead:
https://www.hackread.com/hackers-typosquatting-trojanize-ruby-repository-libraries/

Questechie:
https://www.questechie.com/2020/04/hackers-typosquatting-rubygems-to-steal-crypto.html

N3on:
https://n3on.org/tech/an-attack-in-the-supply-chain-hits-the-rubygems-repository-with-725-malicious-packages/

CSO:
https://www.csoonline.com/article/3538530/rubygems-typosquatting-attack-hits-ruby-developers-with-trojanized-packages.html

IT World (IDG):
https://www.itworld.com/article/3538530/rubygems-typosquatting-attack-hits-ruby-developers-with-trojanized-packages.html

Decrypt:
https://decrypt.co/26025/rubygems-bitcoin-stealing-software-reversinglabs

Threatpost:
https://threatpost.com/bitcoin-stealers-700-ruby-developer-libraries/154937/

Tux Machines:
http://www.tuxmachines.org/node/136607

The Register:
https://www.theregister.co.uk/2020/04/21/rubygems_bitcoin_malware/

Dark Reading:
https://www.darkreading.com/application-security/attackers-aim-at-software-supply-chain-with-package-typosquatting/d/d-id/1337611

The Crypto Updates:
https://www.thecryptoupdates.com/hackers-attempt-to-steal-bitcoin-from-rubygems-goes-in-vain/

Our Bitcoin News:
https://ourbitcoinnews.com/hacker-infects-700-programming-libraries-to-steal-bitcoins/

MORE NEWS

The Last Watchdog: Lessons learned from the headline-grabbing cybersecurity incidents of 2024
News | December 19, 2024
The Last Watchdog: Lessons learned from the headline-grabbing cybersecurity incidents of 2024
Lessons learned from the headline-grabbing cybersecurity incidents of 2024
Read More
HackRead: Ultralytics AI library with 60M downloads compromised for cryptomining
News | December 09, 2024
HackRead: Ultralytics AI library with 60M downloads compromised for cryptomining
Cybersecurity researchers at ReversingLabs found that hackers used malicious code to combine the Ultralytics AI library to mine cryptocurrency.
Read More
The Hacker News: Supply chain compromise of Ultralytics AI library results in trojanized versions
News | December 07, 2024
The Hacker News: Supply chain compromise of Ultralytics AI library results in trojanized versions
In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner.
Read More