postmodernThe so-called "supply chain attacks" (really just typosquatting) are starting to show up on https://rubygems.org. Luckily for the Ruby community all of the good gem names have already been takenš„ /s.
https://socket.dev/blog/malicious-ruby-gems-exfiltrate-telegram-tokens-and-messages-following-vietnam-ban