Joint Research by illustria and Checkmarx

Dec 14th 2022

Joint research of Checkmarx and Illustria reveals a new attack vector in NuGet ecosystem: attackers spam open-source ecosystems with packages containing links to phishing campaigns. Illustria’s and Checkmarx’s teams have disclosed this info to NuGet security and the packages were unlisted. Read more here.