ruby
2 posts
Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects. The post Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects appeared first on The GitHub Blog.
It’s been a while since we’ve published our Release Radar. You can blame IRL conferences coming back, getting influenza, and being struck down by the weather. But those are just me problems. While I’ve been down or travelling, the community has been hard at work shipping new releases and new projects. So, we thought we’d […]