The Hacker News

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems halted new registrations after a major attack involving hundreds of malicious packages, increasing supply chain ...
SecurityWeek

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

New account registrations on RubyGems.org have been suspended after threat actors published hundreds of malicious packages.
The Hacker News

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.
Bleeping Computer

Malicious RubyGems packages used in cryptocurrency supply chain attack

New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users. RubyGems is a package manager for the Ruby ...