VYPR

gem · Malicious package advisory

Malware

resource_registry

MAL-2025-6348

Malicious code in resource_registry (RubyGems)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: ossf-package-analysis (97ad7e4a2d8c7feaee7f61db0f1f57c90f92b4f92d6ca258fef4bc5f5107666d)
The OpenSSF Package Analysis project identified 'resource_registry' @ 1.0.22 (rubygems) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Compromised versions (2)

  • 0.0.1
  • 1.0.22

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.