With new dev tooling security vulnerabilities publicized regularly, Microsoft's new .NET 9 Preview 6 addresses the problem in one specific area: NuGet packages used for sharing code libraries, tools ...
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices. The embedded malicious ...
Threat actors are targeting and infecting .NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting. Three of ...
A baker's dozen of packages hosted on the NuGet repository for .NET software developers are actually malicious Trojan components that will compromise the installation system and download ...
Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...
Threat actors have been observed using the open source package manager NuGet to craft malicious packages targeting .NET developers. According to software package management company JFrog, the ...