When NuGet installs a package containing a '\build' folder, it automatically adds an MSBuild <Import> element to the project, referencing the .targets and .props files in that folder.

According to ReversingLabs, the packages detected by Phylum were likely part of a larger coordinated campaign on NuGet Gallery that started in August and resulted in several hundred malicious ...

NuGet has nothing to do with the GAC. I've found it useful - what I did was stuff a NuGet.Config at my branch root pointing at a shared Packages folder which is stuffed into TFS.

Threat actors are targeting and infecting .NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting.