diff --git a/Rakefile b/Rakefile
index c5fdc3e90..fc489d075 100644
--- a/Rakefile
+++ b/Rakefile
@@ -115,7 +115,7 @@ task :beef_start => 'beef' do
   test_pass = ENV['TEST_BEEF_PASS'] || 'bad_fred_no_access'
 
   # write a rake config file for beef
-  config = YAML.load(File.read('./config.yaml'))
+  config = YAML.safe_load(File.read('./config.yaml'))
   config['beef']['credentials']['user'] = test_user
   config['beef']['credentials']['passwd'] = test_pass
   Dir.mkdir('tmp') unless Dir.exists?('tmp')
diff --git a/extensions/metasploit/api.rb b/extensions/metasploit/api.rb
index b0ceb9da0..729d76840 100644
--- a/extensions/metasploit/api.rb
+++ b/extensions/metasploit/api.rb
@@ -35,7 +35,7 @@ module BeEF
                 print_debug 'Attempting to use Metasploit exploits cache file'
                 raw = File.read(path)
                 begin
-                  msf_module_config = YAML.load(raw)
+                  msf_module_config = YAML.safe_load(raw)
                 rescue => e
                   print_error "[Metasploit] #{e.message}"
                   print_error e.backtrace