The Hacker News

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

A fake NuGet package mimicking Tracer.Fody stayed online for years, stealing Stratis wallet files and passwords from Windows ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
TechJuice

Rogue NuGet Package Discovered in .NET Ecosystem Worth Avoiding

A malicious NuGet package posing as the popular TracerFody library poses a threat to .NET developers and software supply ...
Visual Studio Magazine

.NET 9 Addresses NuGet Vulnerabilities in Preview 6

With new dev tooling security vulnerabilities publicized regularly, Microsoft's new .NET 9 Preview 6 addresses the problem in one specific area: NuGet packages used for sharing code libraries, tools ...
Visual Studio Magazine

Despite .NET Core 3 Deprecation, Newtonsoft JSON Serializer Still Rules NuGet Roost

Despite being deprecated by Microsoft in .NET Core 3.0, the wildly popular Newtonsoft.Json JSON serializer still rules the roost in the NuGet package manager system for .NET developers. The tool to ...