News

ReversingLabs reports that the NuGet packages they spotted, which have been removed, were part of an ongoing campaign that started in August 2023. However, it didn't abuse MSBuild integrations ...
According to ReversingLabs, the packages detected by Phylum were likely part of a larger coordinated campaign on NuGet Gallery that started in August and resulted in several hundred malicious ...
NuGet has nothing to do with the GAC. I've found it useful - what I did was stuff a NuGet.Config at my branch root pointing at a shared Packages folder which is stuffed into TFS.
Threat actors are targeting and infecting .NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting.