The Hacker News

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems halted new registrations after a major attack involving hundreds of malicious packages, increasing supply chain ...
SecurityWeek

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

New account registrations on RubyGems.org have been suspended after threat actors published hundreds of malicious packages.
Dark Reading

Attackers Weaponize RubyGems for Data Dead Drops

Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with ...
Bleeping Computer

Malicious RubyGems packages used in cryptocurrency supply chain attack

New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users. RubyGems is a package manager for the Ruby ...
Threat Post

RubyGems Patches Remote Code Execution Vulnerability

RubyGems patched an unsafe object deserialization vulnerability this week that could have allowed attackers to remotely execute code on vulnerable systems. RubyGems, a package of software tools that ...
Hosted on MSN

Ruby Central tries to make peace after 'hostile takeover'

Ruby Central, the non-profit that recently seized some Ruby open source tools from maintainers, is transferring the repository ownership of RubyGems and Bundler to the Ruby core team. The move appears ...