Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Published: 3 days ago (February 25, 2026 at 07:43 AM EST)

1 min read

Source: The Hacker News

Malicious NuGet Packages Target ASP.NET Developers

Exfiltrated Data

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including:

User accounts
Role assignments
Permission mappings

Persistent Backdoors

In addition, the attackers manipulate authorization rules to create persistent backdoors in victim applications.

Back to Blog

QuickLens Chrome extension steals crypto, shows ClickFix attack

markdown !Chrome extension screenshothttps://www.bleepstatic.com/content/hl-images/2021/09/23/Chrome.jpg QuickLens – “Search Screen with Google Lens” Chrome Ext...

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

markdown !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQlH8RQUmcg8IWqV76NL0o4uRe86gJ6kxLV3DRYppBAVrfFR_gMPQBFn6GIl2jd9ZgzsuwRGAGTVUbaWCj795-XZ8I3...

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Overview Cybersecurity researchers have disclosed a new malicious package discovered on the NuGet Gallery that impersonated a library from financial services f...

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

Ravie Lakshmanan Feb 25 2026 – Zero Day / National Security !Zero‑day exploit imagehttps://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdiryFv5ZRzMaWgy0t...