LOWSupply Chain
Global

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

·Source: The Hacker News

Updated:

Executive Summary

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on Ruby Gems right now," Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, said in a post on X. "Signups are paused for the time being.

Analysis

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on Ruby Gems right now," Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, said in a post on X. "Signups are paused for the time being.

Indicators of Compromise (1)

Domain (1)
Mend.io
VirusTotalURLhaus
Source Attribution

Originally published by The Hacker News on May 12, 2026.

Related Threats

LOWSupply Chain

Expired domain leads to supply chain attack on node-ipc npm package

A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers managed to register in order to hijack a maintainer’s account. The node-ipc package has had malware added to its code in the past. In March 2022, following Russia’s invasion of Ukra

CSO Online
MEDIUMSupply Chain

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]

BleepingComputer
MEDIUMSupply Chain

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. "Upon identification of the malicious activity, we worked quickly to investigate, contain, and take steps to

The Hacker News