TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

By rooter

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and PFX certificates.

According to Socket, versions 2.0.0 through 2.0.4 of “Sicoob.Sdk” contain functionality to exfiltrate sensitive information, including PFX certificates that are used to

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Name That Toon: Mark of (Cybersecurity) Progress

rooter
Cyber Security

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

rooter
Cyber Security

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

rooter

Leave a Reply

You Missed

News

‘.hack//Sign’ Still Hits as an Existential Gaming Anime About the Virtues of Logging Off

News

SpaceX gets $4 billion contract to build missile-tracking ‘Golden Dome’ satellites

News

Senator Raises Alarms Over TikTok’s Handling of American Users’ Data

News

Kenyan court blocks Trump admin from dumping Ebola-exposed Americans there