No REST for the wicked: Ruby gem hacked to siphon passwords, secrets from web devs
Developer account cracked due to credential reuse, source tampered with and released to hundreds of programmers
An old version of a Ruby software package called rest-client that was modified and released about a week ago has been removed from the Ruby Gems repository - because it was found to be deliberately leaking victims' credentials to a remote server."