Bleeping Computer

Hackers target .NET developers with malicious NuGet packages

Threat actors are targeting and infecting .NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting. Three of ...
Visual Studio Magazine

Creating a NuGet Web Site

In my regular Practical.NET column, I showed how easy it is to create NuGet packages and discussed how it was a much better way for a developer to share anything you've created, from Entity Framework ...
Developer Tech

NuGet attack highlights open-source software supply chain risk

An attack on the NuGet package registry shows how advanced open-source software supply chain attacks have become.
Visual Studio Magazine

NuGet.org Adds Sponsorship Links to Support Package Maintainers

New NuGet.org feature lets package authors add sponsor links so users can support maintainers directly through approved funding platforms.
CSOonline

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...