Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Source: Thehackernews
Published:
<p>Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certificates.</p> <p>According to Socket, versions 2.0.0 through 2.0.4 of "Sicoob.S