Backdoor discovered in Ruby "strong password" library, takes your "strong passwords" and uploads them into a pastebin

Hi, do you believe me when I say we need ocap security yet

@cwebber I always try to read changelogs, and hate it when they don't include one or stamp "bug fixes" on it and call it a day.


@Chuculate and changelogs won't help you if someone's trying to sneak in a vulnerability :)

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!