GemStuffer Exploits RubyGems to Exfiltrate UK Council Data

Meet GemStuffer, a sneaky campaign that's hijacking the RubyGems registry to steal sensitive data, including information from a UK council, by hiding scraped content within seemingly harmless package files. Over 150 malicious gems have been used to store and exfiltrate this data, exposing it to anyone who knows where to look.

https://osintsights.com/gemstuffer-exploits-rubygems-to-exfiltrate-uk-council-data?utm_source=mastodon&utm_medium=social

#Gemstuffer #Rubygems #DataExfiltration #PackageRegistry #SupplyChain