July 11, 2024 at 11:49AM Threat actors have launched a new wave of malicious packages on the NuGet package manager, using a sophisticated approach to evade detection. The 60 fresh packages demonstrate a refined strategy, employing IL weaving to inject malicious functionality into legitimate .NET binaries. The end goal is to deliver a remote access … Read more
March 26, 2024 at 01:33PM Threat hunters have flagged the suspicious “SqzrFramework480” package in NuGet, possibly linked to Chinese firm Bozhon Precision. The package contains a DLL file with features for taking screenshots, pinging a remote IP, and transmitting screenshots over a socket. While motives remain unclear, it highlights the risk of concealed malicious code … Read more
October 31, 2023 at 08:18AM Malicious packages have been discovered on the NuGet package manager, deployed using a lesser-known method. The campaign, ongoing since August 2023, involves rogue packages delivering the SeroXen RAT remote access trojan. The threat actors behind the campaign are persistent, continuously publishing new malicious packages. The packages imitate popular ones and … Read more