Backdoor code was found added in a popular Ruby library used for frontend user interfaces inside Ruby and Ruby on Rails applications. The malicious code was removed via a library update.

In an arguably inevitable development, [Kaspersky Labs] researchers have found an active piece of malware, out in the wild, that would persist itself by writing its bootstrap code into the BIOS chip.

The bootstrap code and Makefile is out there on GitHub. Of course, it is a simple module and the reason it is possible is because of the scratchnative system that lets you compile Scratch into C code.