cognitive cybersecurity intelligence

News and Analysis

Malicious NuGet packages abuse MSBuild to install malware

A new typosquatting campaign using the open-source package manager, NuGet, has been identified as potentially infecting Windows systems with malware. Packages employed in the campaign use MSBuild integration to run codes in a stealthy manner. Though this feature enhances the building and packaging process for software projects, it opens up a new vulnerability for script execution during a package’s installation. This is the first documented instance of threat actors exploiting this feature in NuGet packages.

Source: www.bleepingcomputer.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

47% of Manufacturing Breaches in 2024 Involved Ransomware

47% of Manufacturing Breaches in 2024 Involved Ransomware

Summarize this content to a maximum of 60 words: KnowBe4 released its new report highlighting cybersecurity challenges facing the manufacturing industry.

SaaS security is now a major blind spot for enterprises

SaaS security is now a major blind spot for enterprises

Summarize this content to a maximum of 60 words: Rising SaaS security threats are being overlooked, new research shows

New ZuRu Malware Variant Targeting Developers

New ZuRu Malware Variant Targeting Developers

Summarize this content to a maximum of 60 words: A new report reveals new artifacts associated with ZuRu, an Apple macOS malware.

Councillors given assurance on full costs of cyber attack – Midlothian View

Councillors given assurance on full costs of cyber attack – Midlothian View

Summarize this content to a maximum of 60 words: Councillors given assurance on full costs of cyber attack Midlothian View