Bleeping Computer

Malicious RubyGems packages used in cryptocurrency supply chain attack

New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users. RubyGems is a package manager for the Ruby ...
Bleeping Computer

Check your gems: RubyGems fixes unauthorized package takeover bug

The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious ...
Infosecurity-magazine.com

RubyGems Mandates MFA for Top-100 Package Maintainers

The official package manager for the Ruby programming language has announced it has started mandating multi-factor authentication (MFA) on at least the top-100 RubyGems packages. The firm made the ...