Attackers Weaponize RubyGems for Data Dead Drops

Wednesday, May 13, 2026 at 09:09 PM UTC·Source: Dark Reading

Updated: Wednesday, May 13, 2026 at 10:01 PM UTC

Executive Summary

Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.

Analysis

Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.

Source Attribution

Originally published by Dark Reading on May 13, 2026.

Related Threats

CRITICALVulnerability

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]

1h agoBleepingComputer

LOWVulnerability

Meet Fragnesia, the third Linux kernel vulnerability in a month

Linux admins reeling from handling last month’s CopyFail and last week’s Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. “This is a significant vulnerability,” Robert Beggs , head of incident response firm DigitalDefence, told CSO . “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by root’, or ‘file is rea

CVE-2026-46300

2h agoCSO Online

HIGHVulnerability

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

2h agoDark Reading