> TritonInfoSec News
Home / May 14, 2026 / Story
0
#5 SecurityWeek general May 13, 2026 at 07:30 UTC

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

By Eduard Kovacs

AI Summary

The GemStuffer campaign pushed over 500 malicious packages to RubyGems, abusing the registry as a data exfiltration channel by scraping UK government council portal data rather than targeting developers directly. The scale of the attack forced RubyGems to temporarily suspend new account registrations — a significant disruption to the Ruby ecosystem. This represents an unusual supply-chain attack pattern where the package registry itself is weaponized as infrastructure rather than as a malware delivery mechanism.

Read full article → https://www.securityweek.com/hundreds-of-malicious…

Relevance score: 84.0/100

# More from May 14

  1. 1
    Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws The Hacker News
  2. 2
    Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises SecurityWeek
  3. 3
    Windows BitLocker zero-day gives access to protected drives, PoC released BleepingComputer
  4. 4
    New critical Exim mailer flaw allows remote code execution BleepingComputer
  5. 6
    Instructure pays ransom after Canvas incident as Congress announces investigation The Record
  6. 7
    Foxconn confirms cyberattack claimed by Nitrogen ransomware gang BleepingComputer
  7. 8
    Android Adds Intrusion Logging for Sophisticated Spyware Forensics The Hacker News
  8. 9
    Fortinet, Ivanti Patch Critical Vulnerabilities SecurityWeek
  9. 10
    Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation The Hacker News