cognitive cybersecurity intelligence

News and Analysis

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers have begun using an inline tasks feature of MSBuild, a code building tool, to execute malicious codes on NuGet Gallery, a repository for .NET packages. This is the first known instance of malware on NuGet exploiting this feature. The malware was part of a months-long typosquatting campaign, with hundreds of malicious packages being uploaded to the repository since August. The tactics used by the attackers evolved throughout the campaign.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Flow Security Launches GenAI DLP

Flow Security, an Israel-based data security platform, has incorporated a GenAI DLP module to secure data for GenAI services and applications. The move seeks to