CyberSecurityBoard
Sponsor Register Login

Malicious NuGet Packages Target Developers with Backdoors and Data Theft

The rise of malicious NuGet packages poses a significant threat to software developers and organizations relying on the .NET ecosystem. These packages, often disguised as legitimate libraries, are increasingly being used to distribute backdoors, steal sensitive data, and compromise development environments. Attackers exploit the trust developers place in package repositories by injecting malicious code into popular or similarly named packages, leading to widespread impact. This article explores recent incidents involving malicious NuGet packages, the tactics employed by threat actors, and the potential consequences for software supply chain security. It also highlights best practices for developers to detect and mitigate risks associated with third-party dependencies, including verifying package authenticity, monitoring for unusual behavior, and employing automated security tools. As the software supply chain becomes a prime target for cybercriminals, understanding the nuances of these attacks is crucial for maintaining secure development pipelines and protecting organizational assets.

This Cyber News was published on cybersecuritynews.com. Publication date: Sat, 25 Oct 2025 15:00:17 +0000


Cyber News related to Malicious NuGet Packages Target Developers with Backdoors and Data Theft

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
Malicious NuGet packages drop disruptive time bombs - Recently, security researchers uncovered a series of malicious NuGet packages that deploy disruptive time bombs targeting developers and organizations using the NuGet package manager. These packages are designed to remain dormant for a period before ...
1 month ago Bleepingcomputer.com
Malicious NuGet Packages Target Developers with Backdoors and Data Theft - The rise of malicious NuGet packages poses a significant threat to software developers and organizations relying on the .NET ecosystem. These packages, often disguised as legitimate libraries, are increasingly being used to distribute backdoors, ...
2 months ago Cybersecuritynews.com CVE-2023-23397 APT29
5000+ Malicious Packages Found In The Wild To Compromise Windows Systems - These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data theft, unauthorized access, and complete system compromise. Similarly, ...
9 months ago Cybersecuritynews.com
31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com
Malicious PyPI packages targeting highly specific MacOS machines - As part of our software package supply chain security efforts, we continuously scan for malware in newly released PyPI and NPM packages. In this post, we describe a particularly interesting cluster of malicious packages that we've identified. In late ...
1 year ago Securitylabs.datadoghq.com
Building For a More Secure Future: How Developers Can Prioritize Cybersecurity - At the time, he was breaking new ground, repeating those words to help convince his teams on how crucial developers were going to be to the success of their platform. While the focus may have been initially on enterprise B2B platforms with Microsoft, ...
1 year ago Cyberdefensemagazine.com
Malicious npm Packages Attacking Linux Developers to Install SSH Backdoors - Discovered in early 2025, several malicious npm packages have been masquerading as legitimate Telegram bot libraries to deliver SSH backdoors and exfiltrate sensitive data from unsuspecting developers. The malicious variants—node-telegram-utils, ...
8 months ago Cybersecuritynews.com
3 PYPI Packages Caught Spreading Malware - Recent reports have highlighted the malicious spreading of malware via 3 specific Python Package Index (PyPI) packages. These 3 packages were identified and reported by Sonatype, a software supply chain security firm. ...
2 years ago Securityaffairs.com
North Korean hackers target open-source repositories in new espionage campaign | The Record from Recorded Future News - North Korean state-backed hackers have planted malicious code in open-source software repositories as part of an ongoing campaign that has already put tens of thousands of developers at risk of surveillance and data theft, according to new research. ...
4 months ago Therecord.media
Fake Nethereum NuGet Package Used to Steal Crypto Wallets and NFTs - A recent cybersecurity incident has revealed the use of a fake Nethereum NuGet package to steal cryptocurrency wallets and NFTs from unsuspecting users. This malicious package was designed to mimic the legitimate Nethereum package, a popular .NET ...
2 months ago Thehackernews.com
The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
1 year ago Hackread.com
Malicious NX Packages Found in S1ngularity Repository Targeting Developers - In August 2025, cybersecurity researchers uncovered a series of malicious NX packages hosted in the S1ngularity repository, posing a significant threat to developers and organizations relying on these packages. These malicious packages were designed ...
3 months ago Thehackernews.com
Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data - FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these ...
8 months ago Cybersecuritynews.com
Mastering Cybersecurity: Developer Training - Discover how to create an effective and engaging training program for your developers. Create a security training program with clearly defined goals to influence your developers to prioritize learning. Developers are likelier to participate and exert ...
1 year ago Feeds.dzone.com Equation
Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
2 years ago Csoonline.com Hunters
New Typosquatting and Repojacking Tactics Uncovered on PyPI - Security researchers have identified a concerning uptick in malicious activities infiltrating open-source platforms and code repositories. This trend encompasses a wide array of malicious activities, including hosting command-and-control ...
1 year ago Infosecurity-magazine.com
Malicious NPM Packages Exploit Ethereum Wallets to Steal Crypto Funds - In a recent cybersecurity alert, researchers have uncovered a series of malicious NPM packages designed to exploit vulnerabilities in Ethereum wallets, leading to significant crypto fund thefts. These packages, masquerading as legitimate ...
3 months ago Thehackernews.com
Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices - Affected platforms: LinuxAffected parties: Linux users that have these malicious packages installedImpact: Latency in device performanceSeverity level: High. On December 5th, 2023, FortiGuard's AI-driven OSS malware detection system identified three ...
1 year ago Feeds.fortinet.com
Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
2 years ago Cybersecurity-insiders.com
CVE-2025-61776 - Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to ...
2 months ago
Malicious NPM Packages Impersonate Popular Libraries to Steal Credentials, Cryptocurrency - In a recent cybersecurity alert, researchers have uncovered a wave of malicious NPM packages designed to impersonate popular JavaScript libraries. These packages are crafted to deceive developers by mimicking legitimate libraries, but their true ...
3 months ago Thehackernews.com
Hackers breach Toptal GitHub account, publish malicious npm packages - In the days that followed, the attackers modified the source code of Picasso on GitHub to include malware and published 10 malicious packages on NPM as Toptal, making them appear as legitimate updates. According to code security ...
5 months ago Bleepingcomputer.com
Arch Linux pulls AUR packages that installed Chaos RAT malware - Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) were used to install the CHAOS remote access trojan (RAT) on Linux devices. The AUR is a repository where Arch Linux users can publish package build scripts ...
5 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)