Web Scouter
Back to News
Security NewsMediumIncidentsupply chain

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

UnknownMay 13, 2026(about 3 hours ago)

Over 150 malicious RubyGems were used to exfiltrate data from U.K. council portals, targeting the RubyGems repository.

Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for malware distribution. "The packages do not appear designed for mass developer compromise," Socket said. "Many have little or no download activity, and the payloads are repetitive,

Related News

Fortinet, Ivanti Patch Critical Vulnerabilities

Unknownabout 2 hours ago

Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities

Unknownabout 3 hours ago

CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash

Unknownabout 3 hours ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.