Bleeping Computer

Check your gems: RubyGems fixes unauthorized package takeover bug

Similar to npm for NodeJS packages, RubyGems is a package manager for the Ruby programming language and provides a standardized format for distributing finished Ruby artifacts (called "gems"). The ...
CSOonline

RubyGems typosquatting attack hits Ruby developers with trojanized packages

Over 700 malicious packages with names similar to legitimate ones have been uploaded to RubyGems, a popular repository of third-party components for the Ruby programming language. The upload took ...
Bleeping Computer

Malicious RubyGems pose as Fastlane to steal Telegram API data

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the official package ...