Tag: rubygems

2 articles

Developer workspace with open laptop and blurred screen, surrounded by tech equipment.

GemStuffer Exploits RubyGems to Exfiltrate UK Council Data

Meet GemStuffer, a sneaky campaign that's hijacking the RubyGems registry to steal sensitive data, including information from a UK council, by hiding scraped content within seemingly harmless package files. Over 150 malicious gems have been used to store and exfiltrate this data, exposing it to anyone who knows where to look.

Analyst 207May 13, 2026

Laptop screen displays blurred tech company account interface on neutral background.

RubyGems Disrupts Signups Amid Malicious Package Surge

RubyGems has temporarily halted new account registrations amid a significant surge in malicious packages, with security experts warning of a major attack on the platform. The move comes as Mend.io, the organization responsible for securing RubyGems, works to contain the incident.

Analyst 207May 12, 2026