A sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer tools, which were later weaponized to steal secrets and poison build pipelines. On the Ruby ecosystem, threat actors […]

The post Ruby Gems and Go Modules Used in Campaign Targeting GitHub Actions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.