Dossier
Sicoob
Coverage of Sicoob in the Nexus archive.
- Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Cybersecurity researchers identified a malicious NuGet package posing as a C# SDK for Sicoob, a Brazilian cooperative financial system, which steals client IDs and PFX certificates. Socket reported that versions 2.0.0 through 2.0.4 of 'Sicoob.Sdk' exfiltrate sensitive information.