Skip to content
The Nexus
DossierENTITY

RubyGems

Coverage of RubyGems in the Nexus archive.

Earliest in view: May 12 · 14:47 UTCMost recent: May 13 · 21:09 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 13 · 21:09 UTCDARK READING
    Attackers Weaponize RubyGems for Data Dead Drops

    Threat actors are publishing malicious RubyGems packages that target public-facing UK government servers with scrapers, but their objective is unclear. The attackers are using RubyGems to potentially gather data or disrupt services. This incident highlights a new security risk for government agencies.

  • SECURITYMay 13 · 08:08 UTCTHE HACKER NEWS
    GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

    GemStuffer has targeted the RubyGems repository with over 150 gems to exfiltrate data from a U.K. council portal. The gems are used as a data exfiltration channel rather than for malware distribution. Many of the packages have little or no download activity and repetitive payloads.

  • SECURITYMay 12 · 14:47 UTCTHE HACKER NEWS
    RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

    RubyGems has paused new signups due to a major malicious attack where hundreds of malicious packages were uploaded. The attack is being dealt with by the RubyGems team. Signups are currently paused as a precautionary measure.