Malicious NuGet packages drop disruptive 'time bombs'

Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database ...
The Hacker News

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database ...
Developer Tech

Malicious time bomb packages on NuGet target databases, industry

Security researchers have uncovered malicious packages on NuGet that act as time-delayed time bombs aimed at databases and ...
Cryptopolitan on MSN

Socket flags malicious NuGet packages set to activate in 2027 and 2028

Two years ago, an account with the name “shanhai666” uploaded nine malicious NuGet packages. This launched a complicated ...
The Register on MSN

Cybercrims plant destructive time bomb malware in industrial .NET extensions

Multi-year wait for destruction comes to an end for mystery attackers Security experts have helped remove malicious NuGet ...
CSOonline

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...
Visual Studio Magazine

Inside the NuGet Package Manager

The popular, open source Nuget Package Management system makes quick work of installing, configuring and updating third-party components in.NET projects. Welcome to the new Open Source .NET column at ...
Visual Studio Magazine

NuGet Inside the Firewall

NuGet extends Visual Studio by simplifying the process of installing and updating third-party libraries and tools. It has limitations in a local private network, however. Here's what you need to know, ...