securityonline.info 7/15/2026, 7:20:51 PM · external

Malicious NuGet Package Steals Payment Data From .NET Developers

Malicious NuGet Package Steals Payment Data From .NET Developers
CyberSIXT Evidence Panel
Primary Source socket.dev

THE page details four critical cybersecurity vulnerabilities detected today, including issues in Microsoft Active Directory and SharePoint Server, as well as vulnerabilities in SonicWall appliances. It also highlights a malicious NuGet package named Braintree.Net that impersonates the official Braintree SDK, targeting .NET developers. The malicious package is capable of skimming payment card data and stealing merchant API keys, with around 334 real installations identified.

A detailed infection chain and data exfiltration methods are described, emphasizing the need for immediate removal of the malicious package and credential rotation for affected users.

View Primary Source Via securityonline.info

Article by CyberSIXT