Hackers Abuse NuGet Packages to Deliver SeroXen RAT

The NuGet package manager, which .NET developers widely use, has been under attack by a series of malicious activities, according to a report by cybersecurity firm ReversingLabs.  The report, which follows previous investigations on npm, PyPI, and RubyGems ecosystems, shows that NuGet is also vulnerable to software supply chain attacks by threat actors. The report reveals a coordinated campaign that started in August, where attackers have abused NuGet’s MSBuild integrations feature, showing a more sophisticated and stealthy way to compromise the open-source ecosystem.  The campaign, similar to earlier attacks on npm and PyPI, shows the persistent attempts of these attackers to undermine the trust and security of software packages.

Source: GBHackers

 


Date:

Categorie(s):