1. Is Your Site Leaking Password Reset Links?

    Emailed password reset links are a common part of web applications. Is your site leaking these confidential links to third party sites?

    Derek Prior

  2. Paperclip IS vulnerable to ImageTragick

    Paperclip is affected by CVE-2016–3714 if used with ImageMagick 7.0.1-0 or earlier.

    Tute Costa

  3. ImageMagick vulnerability does not affect Paperclip

    There is no need to upgrade Paperclip in light of CVE-2016–3714. You may choose to upgrade ImageMagick regardless.

    Tute Costa

  4. Paperclip Security Release

    We released Paperclip v4.2.2 with a security fix.

    Tute Costa

  5. Building secure web applications with Ruby on Rails

    Ruby on Rails makes it easy to build web apps with security in mind.

    Murtaza Gulamali

  6. Who's responsible for web application security?

    In short, we’re all responsible. And this is why.

    Alexis Ternoy

  7. Handling Security Issues In Open Source Projects

    How to handle vulnerabilities in your open source project.

    Tute Costa

Sign up to receive a weekly recap from Giant Robots