Ruby Fights Supply-Chain Attacks With Filter Offering 'Cooldown' Before Installing New Packages
Most supply-chain attacks using Ruby's package hosting site "exploit a narrow window," according to a new blog post from Ruby core maintainer Hiroshi Shibata.
So its package-managing Bundler tool now offers a filter that blocks a new version until it's been public "for at least N days. Releases too new to have been scrutinized are passed over in favor of ones that have aged past the window." The feature was designed in the open, drawing on how other ecosystems approach the same problem. It is opt
ICT news
Xbox Game Exclusivity Will Be Decided on a 'Case-by-Case' Basis, Microsoft Says
Apple Announces macOS 27 'Golden Gate', Drops Support For Intel Macs
Apple Announces Siri AI, Next Generation of Apple Intelligence
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
Firefox Merges Support For Vulkan Video Decoding
Italy's Bending Spoons, Owner of AOL and Vimeo, Files For Nasdaq IPO
Jeff Bezos Is Funding a Wild Hunt for the Brain's 'Core Algorithm'
A San Francisco Burglar Escaped in a Robotaxi - and Police Still Can't Find Him
Texas Grid Flags Risks As Data Centers, Crypto Sites Fail Voltage Tests
Police Sued After Imprisoning Innocent Man Placed Near Violent Crime By Flock License Plate Reader
Prada Unveils 'Liquid Cooling' Inner-Layer Garment for NASA's Moon Astronauts with Knitted-In Ventilation Tubes
Black Market Tinkerers on Facebook Marketplace Offer to Hide 'Recording Lights' on Meta Smartglasses
New Fortune 500 Rankings: Texas Overtakes California, But Amazon is #1, Beating Walmart
The Gamer-Rights Group Fighting to Make the Industry Stop Killing Games (Servers)