THE article discusses a malicious NuGet package named 'Sicoob' that targets cloud secrets to steal banking credentials. It highlights how the package is disguised as a legitimate npm package, compromising security in software supply chains. Security experts advise vigilance against such threats, emphasizing the need for stronger protections and monitoring of dependencies.
NuGet package Sicoob steals banking credentials via cloud secrets
CyberSIXT Evidence Panel
Source marked as original reporting
Article by CyberSIXT