Bleeping Computer

GitHub now scans for accidentally-exposed PyPI, RubyGems secrets

GitHub has recently expanded its secrets scanning capabilities to repositories containing PyPI and RubyGems registry secrets. The move helps protect millions of applications built by Ruby and Python ...
Threat Post

RubyGems Patches Remote Code Execution Vulnerability

RubyGems patched an unsafe object deserialization vulnerability this week that could have allowed attackers to remotely execute code on vulnerable systems. RubyGems, a package of software tools that ...
GIGAZINE

Ownership of the RubyGems repository, which was suddenly hijacked and its maintainer kicked out, will be transferred to the Ruby core team.

In September 2025, a RubyGems maintainer renamed RubyGems' GitHub Enterprise site to 'Ruby Central' without prior notice, added Marty Haught of Ruby Central, who had not previously been a RubyGems ...
GIGAZINE

RubyGems' GitHub Enterprise was renamed to Ruby Central, expelling existing maintainers

Below is a copy and paste of a PDF written by a maintainer named Ellen Dash about the RubyGems controversy, written by a Hacker News user. Ellen, who has been a member of the Ruby community since she ...
heise online

Who owns an open source project? – RubyGems threatens to split

Ruby Central, a non-profit organisation of the Ruby community, seized control of the GitHub repositories and some important gems of the RubyGems and Bundler package ecosystems without warning in ...