{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibvlni3f46cf67cclzgmh3y23uavedvhxp5y2z74bgcb4cwho3ng4",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mkryn4adhw52"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidhxscsyktscognsxe3m6gxx4qa6fmjslnrkrfnnqonm5bfdxmjlm"
    },
    "mimeType": "image/jpeg",
    "size": 133873
  },
  "path": "/2026/05/poisoned-ruby-gems-and-go-modules.html",
  "publishedAt": "2026-05-01T09:43:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence.\nThe activity has been attributed to the GitHub account \"BufferZoneCorp,\" which has published a set of repositories that are associated with malicious Ruby gems and Go modules. As of",
  "title": "Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft"
}