Skip to content
The Nexus
SECURITYMay 13 · 08:08 UTCTHE HACKER NEWS[email protected] (The Hacker News)

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

GemStuffer has targeted the RubyGems repository with over 150 gems to exfiltrate data from a U.K. council portal. The gems are used as a data exfiltration channel rather than for malware distribution. Many of the packages have little or no download activity and repetitive payloads.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this