Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords

A newly discovered malicious NuGet package masquerading as an official Sicoob software development kit (SDK) has been caught exfiltrating highly sensitive banking credentials, raising serious concerns about software supply chain security in financial ecosystems. The package, published under the name “Sicoob. Sdk,” targeted developers building integrations with Brazil’s Sicoob banking APIs and silently harvested authentication […] The post Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords appeared first on Cyber Security News.