A revised patch has been released for a flaw in the distribution platform for Ruby applications, RubyGems, which could be used to deliver malware to someone trying to download a program. RubyGems lets ...
New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users. RubyGems is a package manager for the Ruby ...
For two years now, a Korean threat actor has been publishing malicious open source software (OSS) packages designed to steal credentials from spam marketers. Are you tired of shady, throwaway online ...
A new threat campaign is using RubyGems as a dead drop to store exfiltrated data, but the attacker's long-term plans are less clear. Software development security vendor Socket published research ...
The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious ...
A decade-long RubyGems maintainer, Ellen Dash (also known as duckinator), has resigned from Ruby Central following what she described as a "hostile takeover" of the open source project.… RubyGems is ...
In September 2025, a RubyGems maintainer renamed RubyGems' GitHub Enterprise site to 'Ruby Central' without prior notice, added Marty Haught of Ruby Central, who had not previously been a RubyGems ...
A revised patch has been released for a flaw in the distribution platform for Ruby applications, RubyGems, which could be used to deliver malware to someone trying to download a program. RubyGems lets ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results