The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
Infosecurity Magazine

Malicious NuGet Package Targets Stripe Developers

A malicious NuGet package designed to mimic Stripe's official .NET library has been uncovered by cybersecurity researchers, marking a shift in tactics from earlier cryptocurrency-focused campaigns to ...
Bleeping Computer

Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. NuGet is an open-source package manager and ...
TechRadar

Malicious NuGet packages with millions of downloads are targeting users everywhere

Cybersecurity researchers from Phylum recently discovered a malware campaign on the NuGet package manager for the .NET Framework, trying to trick people into infecting their endpoints with a remote ...
Visual Studio Magazine

Inside the NuGet Package Manager

The popular, open source Nuget Package Management system makes quick work of installing, configuring and updating third-party components in.NET projects. Welcome to the new Open Source .NET column at ...
Hosted on MSN

Industrial computing systems at risk from "time bombs " in malicious NuGet packages

Thousands of critical infrastructure organizations, as well as those working in other, equally important verticals, were targeted by a perfidious attack that sought to sabotage their industrial ...