dentarg.bsky.social
@dentarg.bsky.social
Reposted
After listening to about a dozen first-hand accounts, I’ve published what I know about the RubyGems takeover.
Shopify, pulling strings at Ruby Central, forces Bundler and RubyGems takeover
Ruby Central recently took over a collection of open source projects from their maintainers without their consent.
joel.drapper.me
September 23, 2025 at 3:08 PM
Reposted
This might be the best-executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.

Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Woah. Backdoor in liblzma targeting ssh servers.

www.openwall.com/lists/oss-se...

It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…

Now I’m curious what it does in RSA_public_decrypt
oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
www.openwall.com
March 29, 2024 at 7:29 PM
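The check a practitioner would want after reading the post above: does the local ssh server link liblzma at all, directly or through another library such as libsystemd, which is the path the post describes for the backdoor reaching sshd. This is an added example, not code from either post or from the xz or OpenSSH projects. It assumes a Linux-style `ldd` that prints "lib => /path (addr)" lines; the sample ldd output embedded below is constructed for illustration, not captured from a real host, and the sshd path is only a default.

```shell
#!/bin/sh
# Added example (not from the original posts): report whether a binary links liblzma,
# directly or transitively, and which liblzma file the loader would actually use.

# liblzma_deps: read ldd-style output on stdin and print the resolved path of every
# liblzma entry, one per line. Prints nothing when liblzma is not linked.
liblzma_deps() {
  # ldd lines look like: "    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x...)"
  sed -n 's/^[[:space:]]*liblzma\.so[^ ]* => \([^ ]*\).*/\1/p'
}

# links_liblzma: print "yes" if the ldd output on stdin includes liblzma, else "no".
links_liblzma() {
  if [ -n "$(liblzma_deps)" ]; then echo yes; else echo no; fi
}

# Constructed sample ldd output (assumption, not from a real host): an sshd that pulls
# liblzma in through libsystemd, the dependency chain the thread describes.
SAMPLE_WITH_LZMA='    linux-vdso.so.1 (0x00007ffd00000000)
    libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f0100000000)
    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f0200000000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0300000000)'

# Constructed sample of an sshd built without the systemd notification patch.
SAMPLE_WITHOUT_LZMA='    linux-vdso.so.1 (0x00007ffd00000000)
    libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007f0100000000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0300000000)'

# check_binary NAME: run ldd on a real binary (default: sshd) if it and ldd are
# present, print the liblzma linkage and the file each liblzma entry resolves to.
# Returns 0 when the check ran, 1 when the binary or ldd is unavailable.
check_binary() {
  name=${1:-sshd}
  bin=$(command -v "$name" 2>/dev/null || true)
  [ -n "$bin" ] || bin=$name
  [ -x "$bin" ] || return 1
  command -v ldd >/dev/null 2>&1 || return 1
  out=$(ldd "$bin" 2>/dev/null) || return 1
  printf '%s links liblzma: %s\n' "$bin" "$(printf '%s\n' "$out" | links_liblzma)"
  printf '%s\n' "$out" | liblzma_deps | while read -r lib; do
    # The resolved file tells you which liblzma build is really loaded; compare it
    # against your distribution's advisory rather than a version list hardcoded here.
    printf '  %s -> %s\n' "$lib" "$(readlink -f "$lib" 2>/dev/null || echo "$lib")"
  done
  return 0
}

# Demonstrate on the constructed samples, then on the real sshd if this host has one.
printf 'sample with libsystemd: liblzma linked = %s\n' "$(printf '%s\n' "$SAMPLE_WITH_LZMA" | links_liblzma)"
printf 'sample without:         liblzma linked = %s\n' "$(printf '%s\n' "$SAMPLE_WITHOUT_LZMA" | links_liblzma)"
check_binary sshd || echo "sshd or ldd not available on this host; nothing checked"
```

A "yes" here only means the backdoor's route into the process exists, not that the loaded liblzma is malicious; the resolved file name is what you compare against your distribution's advisory. Note that `ldd` works by invoking the dynamic loader on the binary, so on a host you already suspect is compromised, prefer reading the direct NEEDED entries of sshd and of libsystemd with `readelf -d` instead.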