Bleeping Computer

Malicious RubyGems pose as Fastlane to steal Telegram API data

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the official package ...
Dark Reading

Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data

Attackers are exploiting a popular code package for the Ruby programming language in a supply chain attack aimed at stealing sensitive data from Telegram chats. The attack demonstrates how threat ...