SECURITYTHE HACKER NEWS
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Cybersecurity researchers identified a malicious NuGet package posing as a C# SDK for Sicoob, a Brazilian cooperative financial system, which steals client IDs and PFX certificates. Socket reported that versions 2.0.0 through 2.0.4 of 'Sicoob.Sdk' exfiltrate sensitive information.
Related Signal
Adjacent reporting
- SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
- Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
- Bitwarden CLI npm package compromised to steal developer credentials
- Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
- Official SAP npm packages compromised to steal credentials
- Cache-poisoning caper turns TanStack npm packages toxic