<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">
The Buyer’s Guide to Software Supply Chain Security
Download Now!
Revealing XZ: A Software Supply Chain Under Siege
Watch On Demand
Gartner® Report: Mitigate Enterprise Software Supply Chain Risks
Get the Insights
April 22, 2020

Security industry responds to Supply Chain repo risks

ReversingLabs research on typosquatting garners RubyGems coverage

See Additional RubyGems Research Coverage

Digital Munition:
https://www.digitalmunition.me/clipboard-hijacking-malware-found-in-725-ruby-libraries/

Ars Technica:
https://arstechnica.com/information-technology/2020/04/725-bitcoin-stealing-apps-snuck-into-ruby-repository/

The CyberWire:
https://thecyberwire.com/newsletters/daily-briefing/9/74

Help Net Security:
https://www.helpnetsecurity.com/2020/04/17/typosquatting-rubygems/

HackRead:
https://www.hackread.com/hackers-typosquatting-trojanize-ruby-repository-libraries/

Questechie:
https://www.questechie.com/2020/04/hackers-typosquatting-rubygems-to-steal-crypto.html

N3on:
https://n3on.org/tech/an-attack-in-the-supply-chain-hits-the-rubygems-repository-with-725-malicious-packages/

CSO:
https://www.csoonline.com/article/3538530/rubygems-typosquatting-attack-hits-ruby-developers-with-trojanized-packages.html

IT World (IDG):
https://www.itworld.com/article/3538530/rubygems-typosquatting-attack-hits-ruby-developers-with-trojanized-packages.html

Decrypt:
https://decrypt.co/26025/rubygems-bitcoin-stealing-software-reversinglabs

Threatpost:
https://threatpost.com/bitcoin-stealers-700-ruby-developer-libraries/154937/

Tux Machines:
http://www.tuxmachines.org/node/136607

The Register:
https://www.theregister.co.uk/2020/04/21/rubygems_bitcoin_malware/

Dark Reading:
https://www.darkreading.com/application-security/attackers-aim-at-software-supply-chain-with-package-typosquatting/d/d-id/1337611

The Crypto Updates:
https://www.thecryptoupdates.com/hackers-attempt-to-steal-bitcoin-from-rubygems-goes-in-vain/

Our Bitcoin News:
https://ourbitcoinnews.com/hacker-infects-700-programming-libraries-to-steal-bitcoins/

MORE NEWS

Static Binary Analysis: A Final Exam for Software Supply Chain Protection
News | April 22, 2024
Static Binary Analysis: A Final Exam for Software Supply Chain Protection
ReversingLabs’ Director of Product Management Charlie Jones explains how the attack surface within today’s software supply chains has grown exponentially.
Read More
Cybersecurity Insiders: Supply chain attacks demand a 3rd party risk re-think
News | August 14, 2023
Cybersecurity Insiders: Supply chain attacks demand a 3rd party risk re-think
Looked at from one angle, the recent attack on JumpCloud, a cloud-based identity and access management provider, was unsurprising.
Read More
Hack Read: VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools
News | August 06, 2023
Hack Read: VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools
Threat researchers at ReversingLabs, a software supply chain security and malware analysis platform, have discovered a malicious new PyPI package dubbed VMConnect on the Python Package Index (PyPI) repository.
Read More