Security LandHow many of your dependencies have you actually audited lately?
ReversingLabs uncovered a 4-month campaign where attackers published 14 malicious packages on NuGet, all targeting cryptocurrency developers. These weren't sloppy hacks—they were sophisticated impersonations of legitimate blockchain tools like Nethereum and Coinbase.Net.Api.
#SecurityLand #CyberWatch #Malware #Blockchain #Crypto #Nethereum #Research
Read More: https://www.security.land/crypto-theft-campaign-exploits-nuget-packages-for-months/
NuGet Malware Targets Crypto Wallets in Multi-Month Attack
Security researchers uncovered 14 malicious NuGet packages that impersonated legitimate cryptocurrency tools to steal funds and OAuth tokens. The campaign ran undetected from July through October 2025, using social engineering tactics.