Backdoor code found in 11 Ruby libraries (ZDNet)

ZDNet reportson the discovery of a set of malicious libraries in the RubyGemsrepository. "The individual behind this scheme was active for more than a month, and their actions were not detected.Things changed when the hacker managed to gain access to the RubyGems account of one of the rest-client developers, which he used to push four malicious versions of rest-client on RubyGems.However, by targeting such a high-profile project that has over 113 million total downloads on RubyGems, the hacker also brought a lot of light to their operation, which was taken down within a few hours after users first spotted the malicious code in the rest-client library."