Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

it4int Pvt Ltd May 01, 2026

iT4iNT SERVER A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence.
The activity has been attributed to the GitHub account "BufferZoneCorp," which has published a set of repositories that are associated with malicious Ruby gems and Go modules. As of VDS VPS Cloud

http://dlvr.it/TSK60v

Menu

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

0 Comments

Popular Posts

High Configuration Server

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

Subscribe Us

Report Abuse

Contact Info

Contact List

Contact form

Menu

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

You may like these posts

0 Comments

Popular Posts

High Configuration Server

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

Subscribe Us

Report Abuse

Contact Info

Contact List

Contact form