Malicious NuGet packages drop disruptive 'time bombs'

Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database ...
Developer Tech

Malicious time bomb packages on NuGet target databases, industry

Security researchers have uncovered malicious packages on NuGet that act as time-delayed time bombs aimed at databases and ...
The Hacker News

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database ...
Cryptopolitan on MSN

Socket flags malicious NuGet packages set to activate in 2027 and 2028

Two years ago, an account with the name “shanhai666” uploaded nine malicious NuGet packages. This launched a complicated ...
CSOonline

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...

Industrial computing systems at risk from "time bombs " in malicious NuGet packages

According to Socket, the packages targeted all three major database providers used in .NET applications - SQL Server, PostgreSQL, and SQLite, adding that the ...