- Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth in supply-chain attacks https://snyk.io/blog/ruby-gem-strong_password-found-to-contain-remote-code-execution-code-in-a-malicious-version-further-strengthening-worries-of-growth-in-supply-chain-attacks/ 39 comments ruby
- SolarWinds.Orion.Core.BusinessLayer.OrionImprovementBusinessLayer - In a historic supply chain attack, these 4k lines of C# code were added to the SolarWinds Orion software and comprise the most consequential hack of the past decade. This is the code setting the InfoSec world on fire https://gist.github.com/wataf1/7f5c6be06ba2946c595e22325a7b7aed#file-orionimprovementbusinesslayer-cs 57 comments csharp