CQRS senza MediatR: implementare Command e Query handler in .NET con il DI container
MediatR è passato a licenza commerciale e molti team .NET stanno cercando alternative. Buone notizie: CQRS è un pattern, non una libreria. Ecco come implementare command e query handler puliti usando solo il DI container integrato di .NET.
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer
Five malicious NuGet packages published under account bmrxntfj impersonate Chinese .NET libraries to deploy an infostealer targeting browser credentials, cryptocurrency wallets, SSH keys, and local files. The packages typosquat legitimate Chinese UI and infrastructure libraries, grafting .NET Reactor-protected payloads onto decompiled legitimate code. The campaign uses version rotation to evade hash-based detection, with 219 of 224 total versions unlisted but fetchable. The stealer targets 12 browsers, 8 desktop crypto wallets, and 5 browser wallet extensions, exfiltrating data to a newly-registered C2 domain. With approximately 65,000 downloads across all versions, the campaign puts tens of thousands of developer workstations and CI/CD build servers at risk. The payload executes through .NET module initializers, hooks the CLR JIT compiler, and supports cross-platform infection including Linux and macOS infrastructure.
Pulse ID: 69fcc64069bf35be793669dd
Pulse Link: https://otx.alienvault.com/pulse/69fcc64069bf35be793669dd
Pulse Author: AlienVault
Created: 2026-05-07 17:05:04
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #Chinese #CyberSecurity #InfoSec #InfoStealer #Linux #Mac #MacOS #NET #NuGet #OTX #OpenThreatExchange #RAT #SSH #bot #cryptocurrency #AlienVault
New in .NET 10.0 [22]: Start SDK tool extensions directly
In .NET 10.0, you can start extensions for the .NET SDK without prior installation.
#NET #DerDotnetDoktor #Developer #IT #Microsoft #Softwareentwicklung #news
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
A sophisticated Brazilian banking trojan named TCLBANKER has been identified, representing a significant evolution of the MAVERICK/SORVEPOTEL malware family. The campaign employs a trojanized Logitech installer that deploys two .NET Reactor-protected modules through DLL side-loading. The banking trojan monitors 59 Brazilian financial institutions using UI Automation and features a WPF-based full-screen overlay framework for operator-driven social engineering attacks, including credential harvesting and fake system screens. A secondary worm module enables self-propagation through WhatsApp session hijacking and Outlook COM automation, sending phishing messages from victims' own accounts. The malware implements robust anti-analysis capabilities including environment-gated payload decryption, comprehensive watchdog systems, and ETW patching. Infrastructure is hosted on Cloudflare Workers, with evidence suggesting the campaign was detected in early operational stages.
Pulse ID: 69fb97e531a95b262c4925aa
Pulse Link: https://otx.alienvault.com/pulse/69fb97e531a95b262c4925aa
Pulse Author: AlienVault
Created: 2026-05-06 19:35:01
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #BankingTrojan #Brazil #Cloud #CredentialHarvesting #CyberSecurity #ELF #InfoSec #Malware #NET #OTX #OpenThreatExchange #Outlook #Phishing #RAT #SocialEngineering #Trojan #WatchDog #WhatsApp #Worm #bot #AlienVault
Neu in .NET 10.0 [22]: SDK-Werkzeugerweiterungen direkt starten
In .NET 10.0 kann man Werkzeugerweiterungen für das .NET-SDK ohne vorherige Installation starten.
#NET #DerDotnetDoktor #Developer #IT #Microsoft #Softwareentwicklung #news
Copilot Studio gets faster with .NET 10 on WebAssembly
https://devblogs.microsoft.com/dotnet/copilot-studio-dotnet-10-migration/
#microsoft #NET #Developer_Stories #Performance #NET_10 #Blazor #WebAssembly
Le 15 avril 2026, le Cercle d'exploration Mastodon, qui a initié reseauCulture.fr, a présenté ses retours d'expériences à l'issue de son programme d'exploration de neuf mois. Ce fut également l’occasion d’annoncer la continuité du dispositif et son ouverture à toutes les structures culturelles désireuses de déployer leur présence sur Mastodon. Retrouvez ici le support de présentation et son enregistrement.
OAuth 2.1 spiegato semplicemente: i tre flussi che coprono ogni scenario
OAuth 2.1 elimina i flussi insicuri di OAuth 2.0 e semplifica radicalmente la scelta: tre flussi coprono ogni scenario reale. Guida pratica con esempi in .NET 10 per Client Credentials, Authorization Code con PKCE e Device Authorization.https://spcnet.it/oauth-2-1-spiegato-semplicemente-i-tre-flussi-che-coprono-ogni-scenario/
Quand on tape une adresse dans un navigateur, deux opérations se déclenchent avant que la page s'affiche. La première traduit le nom du site en adresse numérique compréhensible pour les machines : c'est le DNS. La seconde vérifie que le site en face est bien celui qu'il prétend être : c'est le rôle du certificat SSL, symbolisé par le cadenas dans la barre d'adresse. Ces deux mécanismes fonctionnent à chaque connexion, et en permanence. Et dans les deux cas, les clés sont américaines.
austin
Spcnet.it
OTX Bot
heise online English
heise Developer
.NET Blog
nico