Bleeping Computer

Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. NuGet is an open-source package manager and ...
Visual Studio Magazine

Creating a NuGet Web Site

In my regular Practical.NET column, I showed how easy it is to create NuGet packages and discussed how it was a much better way for a developer to share anything you've created, from Entity Framework ...
Dark Reading

.NET Devs Targeted With Malicious NuGet Packages

A baker's dozen of packages hosted on the NuGet repository for .NET software developers are actually malicious Trojan components that will compromise the installation system and download ...
Bleeping Computer

Malicious NuGet packages drop disruptive 'time bombs'

Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices. The embedded malicious ...
Visual Studio Magazine

6 Top .NET Package- and Dependency-Management Tools

They may not be sexy, but package managers are an integral part of every developer's work -- using the right ones can make you more productive. Read on to find out what -- and where -- they are. It's ...
CSOonline

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...