The first victims of the critical Rails vulnerabilities: RubyGems.org suffered a hacker attack

Before the Rails community had managed to recover from the latest critical YAML-parsing vulnerabilities, attackers struck at the holy of holies: RubyGems.org was hacked through the vulnerabilities described above. At least one malicious gem was uploaded to RubyGems, and it potentially had access to sensitive information, including the rights to manipulate gems.

At the moment, the RubyGems team is checking all gems, as it does not know which of them were forged. A comparison against a two-month-old mirror showed that 84% of the gems had not been changed. The remaining 16% are being checked against a second mirror.

Sources:
www.ehackingnews.com/2013/01/rubygemsorg-hacked-via-yaml-parsing.html
status.heroku.com/incidents/489

Source: https://habr.com/ru/post/167731/

