RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes The Hacker Newsinfo@thehackernews.com (The Hacker News)

A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.
The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.
The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been

In The News

Tech Jacks
Derrick Jackson is a IT Security Professional with over 10 years of experience in Cybersecurity, Risk, & Compliance and over 15 Years of Experience in Enterprise Information Technology

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes The Hacker [email protected] (The Hacker News)

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes The Hacker [email protected] (The Hacker News)

Share this:

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog