RUBYGEMS has temporarily paused new signups after what The Hacker News describes as a major malicious attack, with Mend[.]io confirming hundreds of uploaded packages were involved. According to Maciej Mensfeld, senior product manager for software supply chain security at Mend[.]io, signups are paused for the time being and most of the malicious packages targeted RubyGems users, though some carried exploits.
Visitors to the sign-up page are greeted with the message that new account registration has been temporarily disabled. The incident is described as ongoing, and it is not yet known who is behind the attack, though the piece notes that software supply chain attacks on open‑source ecosystems have been on the rise and that threat actors such as TeamPCP have been involved in compromising widely used packages.
In a Monday report, Google said credentials stolen from affected environments have been monetised through partnerships with ransomware and data theft extortion groups. This is a developing story, with Mend[.]io promising to release more details once the incident is contained. According to The Hacker News.