RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem. They pose as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.