RubyGems, the standard package manager for Ruby, has temporarily suspended new account registrations after what a Mend.io staff member described as a major malicious attack, reportedly involving hundreds of packages, some of them carrying exploits.
KEY FACTS
- Service change: New account registration on RubyGems has been temporarily disabled.
- Attack scope: The incident reportedly involved hundreds of packages.
- Security response: Mend.io said it secures RubyGems and plans to share more details after containment.
- Open question: The attacker has not been identified.
Visitors to the sign-up page now see a notice saying new account registration has been temporarily disabled. Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, described the situation in a post on X as a major malicious attack on RubyGems.
The report said hundreds of packages were involved, with most of the activity aimed at Mend.io and some packages carrying exploits. Mend.io said it would release more details once the incident is contained. The disclosure did not identify who was behind the attack.
The development comes as software supply chain attacks against open-source ecosystems have increased. The article cited recent incidents in which widely used packages were abused to spread credential-stealing malware and expand attacker access.
WHY IT MATTERS
RubyGems is the core distribution platform for Ruby software, so disruptions there can affect package publishing and trust in the ecosystem. The incident also shows how attacks on open-source services can reach beyond a single package and force operators to impose temporary security controls such as a registration freeze.