Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious NuGet and npm packages target banking credentials and cloud secrets in active supply chain attacks.

• •Sicoob.Sdk NuGet package steals PFX certificates via Sentry endpoints
• •14 npm packages harvest AWS credentials, Vault tokens, and CI/CD secrets through preinstall hooks
• •Recent campaigns use 164 postinstall, 141 ad-proxy, and 176 dependency confusion packages
• •Attackers employ "manufactured legitimacy" with plausible names instead of typosquatting
• •TeamPCP poisons npm, PyPI, Docker Hub, and Packagist developer tools

This summary was automatically generated by AI based on the original article and may not be fully accurate.