Ruby raises $7.3 million to give users granular access control over their data
Ruby announced the close of a $7.3 million round of funding with participation from venture capital funds Digital Strategies, DFG Group, SigNum Capital, D1 Ventures, Global …
HackerOne updates Internet Bug Bounty program to improve the security of open source software
HackerOne announced the next evolution of the Internet Bug Bounty (IBB) program at the company’s annual Security conference. The IBB’s mission is to secure open source by …
Granulate gProfiler provides support to Graviton processors to improve code quality
Granulate announced the latest addition to its gProfiler, which now provides support to Graviton processors. With this new addition to gProfiler, organizations running …
Granulate adds Kubernetes filtering feature to open-source gProfiler
Granulate released new Kubernetes filters feature to the company’s gProfiler. gProfiler is an open-source production profiling solution that measures the performance of code …
Sentry enhances platform capabilities to improve developer workflows and productivity
Sentry announced new and enhanced platform capabilities designed to improve developer workflows and productivity by making it easier to find and resolve the issues that really …
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
Zip Slip vulnerability affects thousands of projects
An arbitrary file overwrite vulnerability that can be exploited by attackers to achieve code execution on a target system affects a myriad of projects and multiple ecosystems, …
Scan Ruby-based apps for security issues with Dawnscanner
Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …
How programmers can be tricked into running bad code
Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …