cognitive cybersecurity intelligence

News and Analysis


Malicious package campaign on NuGet abuses MSBuild integrations

Attackers have begun using an inline tasks feature of MSBuild, a code building tool, to execute malicious codes on NuGet Gallery, a repository for .NET packages. This is the first known instance of malware on NuGet exploiting this feature. The malware was part of a months-long typosquatting campaign, with hundreds of malicious packages being uploaded to the repository since August. The tactics used by the attackers evolved throughout the campaign.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

A National Imperative – Cyber Resiliency

Cybersecurity expert Andrea E. Davis emphasizes the increasing vulnerability of critical infrastructure to cyber threats, highlighting instances such as the 2003 US and Canada power