FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ The Hacker News

RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers

By Ravie Lakshmanan β€” August 17th 2022 at 04:46
RubyGems, the official package manager for the Ruby programming language, has become the latest platform to mandate multi-factor authentication (MFA) for popular package maintainers, following the footsteps ofΒ NPMΒ andΒ PyPI. To that end, owners of gems with over 180 million total downloads are mandated to turn on MFA effective August 15, 2022. <!--adsense--> "Users in this category who do not
☐ β˜† βœ‡ Naked Security

RubyGems supply chain rip-and-replace bug fixed – check your logs!

By Paul Ducklin β€” May 9th 2022 at 15:41
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".

ruby-1200

❌