If you use Ruby on Rails, you NEED to read this...
news.ycombinator.com
10 Jan '13, 3am
(Bah, great point about passwords. I need to reform my ways.)To amplify and expand on Thomas here: when this was announced...
Serious vulnerability in Ruby on Rails allowing...
reddit.com
08 Jan '13, 11pm
An attacker can execute any ruby code he wants including system("unix command"). This effects any rails version for the la...
Exploit Code for Ruby on Rails Flaw Likely on t...
threatpost.com
09 Jan '13, 4pm
The vulnerabilities patched Tuesday in the Ruby on Rails Web framework have security researchers warning of the potential ...
Metasploit Rails 3 Remote Code Execution Hours ...
community.rapid7.com
10 Jan '13, 3am
was posted to the Ruby on Rails (RoR) security discussion list. The summary is that the XML processor in RoR can be tricke...
![[remote exploits] - Ruby On Rails XML Processor YAML Deserialization Code Execution:](http://static.openruby.com/assets/pages/38/4e/384e600d7fe97e3d7273ab915021f0ee_100.jpg){kind=small}
[remote exploits] - Ruby On Rails XML Processor...
1337day.com
11 Jan '13, 9am
Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and s...
Make 2013 the year you finally learn how to cod...
hackeryou.com
08 Jan '13, 5am
Designed for beginners, this course will give you a solid foundation in Ruby on Rails. Ruby is known as one of the most be...
Ruby on Rails Releases 'Extremely Critical' Sec...
securityweek.com
09 Jan '13, 6pm
The latest versions, 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been updated with "two extremely critical security fixes" and...
Anyone using Rails in production should upgrade...
ruby-forum.com
08 Jan '13, 8pm
Hi everybody. I'd like to announce that 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been released. These releases contain two ...
Exploit Code, Metasploit Module Out for Ruby on...
threatpost.com
10 Jan '13, 3pm
Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proo...
Critical vulnerability in Ruby on Rails paramet...
h-online.com
09 Jan '13, 11am
The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following th...
New flaw in Ruby on Rails:
infosecurity-magazine.com
09 Jan '13, 1pm
Earlier today the Internet Storm Center (ISC) reported , “A SQL Injection Flaw (CVE-2012-5664) was announced last week (Ja...
Read @adamjodonnell's insights on the latest Ru...
blog.sourcefire.com
09 Jan '13, 8pm
A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...
Critical vulnerability in Ruby on Rails paramet...
h-online.com
09 Jan '13, 11am
The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following th...
Extremely critical Ruby on Rails bug threatens ...
arstechnica.com
09 Jan '13, 12am
Hundreds of thousands of websites are potentially at risk following the discovery of an extremely critical vulnerability i...
Critical Flaws Patched in Ruby on Rails
threatpost.com
08 Jan '13, 9pm
"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentica...