1. GemStuffer Campaign Weaponizes RubyGems to Siphon Data from U.K. Council Portals
Cybersecurity researchers have identified a targeted campaign dubbed GemStuffer that has weaponized the RubyGems package registry as a covert data exfiltration channel, compromising more than 150 gems in an operation distinct from typical software supply chain attacks. The campaign's objective is not mass developer com...