What The Rails Security Issue Means For Your Startup
www.kalzumeus.com
FEBRUARY 6, 2013
An attacker was able to create a malicious gem, cause the Rubygems web application to evaluate the metadata contained in it, and thereby compromise the Rubygems server infrastructure. Maybe it is a publicly accessible staging server at EC2 spun up by a developer who has since left the company and not shut down because, hey, $20 a month.
Let's personalize your content