Bleeping Computer

Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. NuGet is an open-source package manager and ...
Dark Reading

Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor

A Russia-linked advanced persistent threat (APT) group has been abusing PDF and MSBuild project files in a campaign that uses socially engineered emails to deliver the TinyTurla backdoor as a fileless ...