#nuget — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #nuget, aggregated by home.social.
-
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer
Pulse ID: 6a0160261c57f2812cc5a92c
Pulse Link: https://otx.alienvault.com/pulse/6a0160261c57f2812cc5a92c
Pulse Author: Tr1sa111
Created: 2026-05-11 04:50:46Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Chinese #CyberSecurity #InfoSec #NuGet #OTX #OpenThreatExchange #bot #Tr1sa111
-
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer
Five malicious NuGet packages published under account bmrxntfj impersonate Chinese .NET libraries to deploy an infostealer targeting browser credentials, cryptocurrency wallets, SSH keys, and local files. The packages typosquat legitimate Chinese UI and infrastructure libraries, grafting .NET Reactor-protected payloads onto decompiled legitimate code. The campaign uses version rotation to evade hash-based detection, with 219 of 224 total versions unlisted but fetchable. The stealer targets 12 browsers, 8 desktop crypto wallets, and 5 browser wallet extensions, exfiltrating data to a newly-registered C2 domain. With approximately 65,000 downloads across all versions, the campaign puts tens of thousands of developer workstations and CI/CD build servers at risk. The payload executes through .NET module initializers, hooks the CLR JIT compiler, and supports cross-platform infection including Linux and macOS infrastructure.
Pulse ID: 69fcc64069bf35be793669dd
Pulse Link: https://otx.alienvault.com/pulse/69fcc64069bf35be793669dd
Pulse Author: AlienVault
Created: 2026-05-07 17:05:04Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #Chinese #CyberSecurity #InfoSec #InfoStealer #Linux #Mac #MacOS #NET #NuGet #OTX #OpenThreatExchange #RAT #SSH #bot #cryptocurrency #AlienVault
-
via @dotnet : VSTest is Removing its Newtonsoft.Json Dependency
https://ift.tt/PYIZ0Ny
#VSTest #NewtonsoftJson #SystemTextJson #JSONite #dotnet11 #VisualStudio #VS2024 #dotnetTest #TestExplorer #NuGet #SecurityUpdate #SerDe #JsonDependency #BreakingChange #DotNe… -
via @dotnet : VSTest is Removing its Newtonsoft.Json Dependency
https://ift.tt/PYIZ0Ny
#VSTest #NewtonsoftJson #SystemTextJson #JSONite #dotnet11 #VisualStudio #VS2024 #dotnetTest #TestExplorer #NuGet #SecurityUpdate #SerDe #JsonDependency #BreakingChange #DotNe… -
via @dotnet : VSTest is Removing its Newtonsoft.Json Dependency
https://ift.tt/PYIZ0Ny
#VSTest #NewtonsoftJson #SystemTextJson #JSONite #dotnet11 #VisualStudio #VS2024 #dotnetTest #TestExplorer #NuGet #SecurityUpdate #SerDe #JsonDependency #BreakingChange #DotNe… -
via @dotnet : VSTest is Removing its Newtonsoft.Json Dependency
https://ift.tt/PYIZ0Ny
#VSTest #NewtonsoftJson #SystemTextJson #JSONite #dotnet11 #VisualStudio #VS2024 #dotnetTest #TestExplorer #NuGet #SecurityUpdate #SerDe #JsonDependency #BreakingChange #DotNe… -
via @dotnet : VSTest is Removing its Newtonsoft.Json Dependency
https://ift.tt/PYIZ0Ny
#VSTest #NewtonsoftJson #SystemTextJson #JSONite #dotnet11 #VisualStudio #VS2024 #dotnetTest #TestExplorer #NuGet #SecurityUpdate #SerDe #JsonDependency #BreakingChange #DotNe… -
From the .NET blog...
In case you missed it earlier...
VSTest is Removing its Newtonsoft.Json Dependency
https://devblogs.microsoft.com/dotnet/vs-test-is-removing-its-newtonsoft-json-dependency/ #dotnet #NETFramework #nuget #testing #visualstudio #vs #vstest -
From the .NET blog...
VSTest is Removing its Newtonsoft.Json Dependency
https://devblogs.microsoft.com/dotnet/vs-test-is-removing-its-newtonsoft-json-dependency/ #dotnet #NETFramework #nuget #testing #visualstudio #vs #vstest -
🎉 50 Million Downloads — still can't believe it.
Honestly, I never imagined that the libraries I build in my spare time would reach this milestone. MahApps.Metro, gong-wpf-dragdrop, IconPacks, ControlzEx and all the others — they started as passion projects, and they still are.
Thank you to everyone who uses them, reports issues, sends PRs, or just drops a kind message. You're the reason I keep going. 🙏 -
🎉 50 Million Downloads — still can't believe it.
Honestly, I never imagined that the libraries I build in my spare time would reach this milestone. MahApps.Metro, gong-wpf-dragdrop, IconPacks, ControlzEx and all the others — they started as passion projects, and they still are.
Thank you to everyone who uses them, reports issues, sends PRs, or just drops a kind message. You're the reason I keep going. 🙏 -
🎉 50 Million Downloads — still can't believe it.
Honestly, I never imagined that the libraries I build in my spare time would reach this milestone. MahApps.Metro, gong-wpf-dragdrop, IconPacks, ControlzEx and all the others — they started as passion projects, and they still are.
Thank you to everyone who uses them, reports issues, sends PRs, or just drops a kind message. You're the reason I keep going. 🙏 -
🎉 50 Million Downloads — still can't believe it.
Honestly, I never imagined that the libraries I build in my spare time would reach this milestone. MahApps.Metro, gong-wpf-dragdrop, IconPacks, ControlzEx and all the others — they started as passion projects, and they still are.
Thank you to everyone who uses them, reports issues, sends PRs, or just drops a kind message. You're the reason I keep going. 🙏 -
🎉 50 Million Downloads — still can't believe it.
Honestly, I never imagined that the libraries I build in my spare time would reach this milestone. MahApps.Metro, gong-wpf-dragdrop, IconPacks, ControlzEx and all the others — they started as passion projects, and they still are.
Thank you to everyone who uses them, reports issues, sends PRs, or just drops a kind message. You're the reason I keep going. 🙏 -
Terminaux 8.2 is coming soon!
Stay tuned for the release on GitHub and on NuGet!
#Terminaux #Colorimetry #GitHub #NuGet #TechNews #TechUpdates #csharp #programming #dotnet
https://officialaptivi.wordpress.com/2026/03/13/terminaux-8-2-is-coming-soon/
-
If anyone is interested in contributing to #NuGetDefense
I just opened an issue for moving the OSS Index source to their new compatibility endpoint ( #sonatype will continue to offer free usage via Sonatype Guide or the compatibility API).I'm going to look into creating a proper source for the newer Sonatype Guide API but it will not be soon unless someone wants to take on something a little more challenging.
-
#TIL If a #NuGet package, such as System.CommandLine, provides satellite assemblies for localized strings, you can bundle only selected ones. To do this, add a line in your #CsProj like this:
<SatelliteResourceLanguages>fr;de;he;uk</SatelliteResourceLanguages>
BTW, I don't know how to skip bundling them at all, maybe an empty tag will suffice. #DotNet #CSharp #MSBuild #Programming -
I've just released SharpSync, my pure .NET file synchronization library supporting multiple storage backends with bidirectional sync, conflict resolution, and progress reporting. It is needed for a future project I'm now working on, but I decided to #OpenSource it.
#GitHub: https://github.com/Oire/sharp-sync
#NuGet: https://www.nuget.org/packages/Oire.SharpSync/1.0.0
#CSharp #DotNet #FileSync #Library -
NuGet пакеты, которые ты не ожидал
Меня зовут Степан, я C# профессионал уже более 7 лет на рынке и рассказываю об этом в Telegram каналe StepOne . В этой статье я покажу вам личную подборку 9ти underground NuGet пакетов. Вы наверняка не встречали их на работе, потому что они либо решают конкретную специальную задачу, либо решают известные задачи нестандартным подходом, либо ещё недостаточно известны на рынке РФ. Мне же удалось затащить их на прод и пощупать в бою! dotnet nuget add package "StepOne"
https://habr.com/ru/articles/987268/
#csharp #dotnet #nuget #nugetorg #nuget_package #library #github #open_source #microsoft #net_core
-
🚨 New threat research: An impostor #NuGet package typosquatted a popular .NET tracing library and its author, using homoglyph tricks to blend in, then exfiltrated #Stratis wallet JSON and passwords to a Russian IP address.
Full report →
https://socket.dev/blog/malicious-nuget-package-typosquats-popular-net-tracing-library #dotnet -
TWO great projects queue up.
1. Bot detection - uses the same technique as in node (lists) to give requests a score and a filter to block access to endpoints.
2. Alttext local generator. A Nuget package which uses state of the art Image LLMs to generate useful alttext automatically (with just an api call alttexrService.AltTextFor(image)
and OCR (text from images).'Unlicens' d OF COURSE. And with articles and docs.
Filling in gaps where I've found cool things on other platforms (python / Javascript) and thought 'hey .net could do with that'.
-
StructPadding
Представляю свою библиотеку для обнуления байт выравнивания (padding) в unmanaged структурах. Обнуление байт паддинга (padding) обеспечивает детерминированное состояние памяти, что критически важно для двоичного сравнения или вычисления хэша. И не менее важно при бинарной сериализации.
-
Heute erstmal #VisualStudio 2026 und die neue #Rider und #Resharper Version installiert. Dabei einen Crash beim ersten Start von Rider gehabt und ihn an #Jetbrains gemeldet. Danach dann unser Projekt auf .NET 10 umgestellt und dabei gemerkt, dass noch das #Npgsql #NuGet Package fehlt, um komplett umzustellen. Also noch etwas warten... ansonsten hat alles funktioniert 😄!
-
Heute erstmal #VisualStudio 2026 und die neue #Rider und #Resharper Version installiert. Dabei einen Crash beim ersten Start von Rider gehabt und ihn an #Jetbrains gemeldet. Danach dann unser Projekt auf .NET 10 umgestellt und dabei gemerkt, dass noch das #Npgsql #NuGet Package fehlt, um komplett umzustellen. Also noch etwas warten... ansonsten hat alles funktioniert 😄!
-
Heute erstmal #VisualStudio 2026 und die neue #Rider und #Resharper Version installiert. Dabei einen Crash beim ersten Start von Rider gehabt und ihn an #Jetbrains gemeldet. Danach dann unser Projekt auf .NET 10 umgestellt und dabei gemerkt, dass noch das #Npgsql #NuGet Package fehlt, um komplett umzustellen. Also noch etwas warten... ansonsten hat alles funktioniert 😄!
-
Heute erstmal #VisualStudio 2026 und die neue #Rider und #Resharper Version installiert. Dabei einen Crash beim ersten Start von Rider gehabt und ihn an #Jetbrains gemeldet. Danach dann unser Projekt auf .NET 10 umgestellt und dabei gemerkt, dass noch das #Npgsql #NuGet Package fehlt, um komplett umzustellen. Also noch etwas warten... ansonsten hat alles funktioniert 😄!
-
Heute erstmal #VisualStudio 2026 und die neue #Rider und #Resharper Version installiert. Dabei einen Crash beim ersten Start von Rider gehabt und ihn an #Jetbrains gemeldet. Danach dann unser Projekt auf .NET 10 umgestellt und dabei gemerkt, dass noch das #Npgsql #NuGet Package fehlt, um komplett umzustellen. Also noch etwas warten... ansonsten hat alles funktioniert 😄!
-
via @dotnet : Announcing Sponsorship on NuGet.org
https://ift.tt/qpZLMFu
#NuGet #Sponsorship #DotNet #PackageMaintainers #OpenSource #SupportDevelopers #CommunityGrowth #SustainableEcosystem #Funding #GitHubSponsors #Patreon #OpenCollective #KoFi #… -
via @dotnet : Announcing Sponsorship on NuGet.org
https://ift.tt/qpZLMFu
#NuGet #Sponsorship #DotNet #PackageMaintainers #OpenSource #SupportDevelopers #CommunityGrowth #SustainableEcosystem #Funding #GitHubSponsors #Patreon #OpenCollective #KoFi #… -
via @dotnet : New Trusted Publishing enhances security on NuGet.org
https://ift.tt/FWdNpaR
#TrustedPublishing #NuGet #GitHubActions #Security #ShortLivedKeys #APIkeys #SoftwareDevelopment #OpenSSF #NuGetCommunity #SecurePublishing #DevOps #CI #Cont… -
Simple modenized .NET NuGet server reached RC
https://github.com/kekyo/nuget-server
#HackerNews #Simple #modenized #.NET #NuGet #server #reached #RC #GitHub #NuGetServer #.NETDevelopment #SoftwareRelease #OpenSource
-
Simple modenized .NET NuGet server reached RC
https://github.com/kekyo/nuget-server
#HackerNews #Simple #modenized #.NET #NuGet #server #reached #RC #GitHub #NuGetServer #.NETDevelopment #SoftwareRelease #OpenSource
-
Simple modenized .NET NuGet server reached RC
https://github.com/kekyo/nuget-server
#HackerNews #Simple #modenized #.NET #NuGet #server #reached #RC #GitHub #NuGetServer #.NETDevelopment #SoftwareRelease #OpenSource
-
Simple modenized .NET NuGet server reached RC
https://github.com/kekyo/nuget-server
#HackerNews #Simple #modenized #.NET #NuGet #server #reached #RC #GitHub #NuGetServer #.NETDevelopment #SoftwareRelease #OpenSource
-
Simple modenized .NET NuGet server reached RC
https://github.com/kekyo/nuget-server
#HackerNews #Simple #modenized #.NET #NuGet #server #reached #RC #GitHub #NuGetServer #.NETDevelopment #SoftwareRelease #OpenSource
-
via @dotnet : Announcing the NuGet MCP Server Preview
https://ift.tt/QbdgEc8
#NuGet #MCPServer #DotNet #AI #PackageManagement #RealTimeIntegration #DevelopmentTools #DependencyManagement #OpenStandard #MicrosoftResearch #PreviewRelease #Feedback #CodingAgent #Vi… -
via @dotnet : Announcing the NuGet MCP Server Preview
https://ift.tt/QbdgEc8
#NuGet #MCPServer #DotNet #AI #PackageManagement #RealTimeIntegration #DevelopmentTools #DependencyManagement #OpenStandard #MicrosoftResearch #PreviewRelease #Feedback #CodingAgent #Vi… -
The new Dependabot NuGet updater: 65% faster with native .NET
https://devblogs.microsoft.com/dotnet/the-new-dependabot-nuget-updater/#microsoft #NET #NuGet #Dependabot #msbuild #Package_Management #performance #Security
-
via @dotnet : The new Dependabot NuGet updater: 65% faster with native .NET
https://ift.tt/sbOruqD
#Dependabot #NuGet #DotNet #DependencyManagement #SoftwareDevelopment #PerformanceImprovement #Automation #OpenSource #GitHub #DevOps #CSharp #MSBuild #PackageMana… -
Let's go and break the 40.000.000 #NuGet wall
https://www.nuget.org/profiles/punker76
#OSS #MahApps #IconPacks #ControlzEx #Avalonia #WPF #XAML #MVPBuzz -
via @dotnet : Using AI Foundry with .NET MAUI
https://ift.tt/pt0E6UC
#AI #Foundry #DotNetMAUI #Microsoft #MobileDevelopment #DesktopDevelopment #AIInApps #MachineLearning #NuGet #AIIntegration #DeveloperTips #Coding #Programming #AppDevelopment #TaskManagement #… -
Semantic Kernel: Package previews, Graduations & Deprecations.
-
#gamedev #indiedev #dotnet #nuget #csharp #fsharp #visualbasic #box2d #gamephysics HughPH.Box2D package now has Box2D multithreading by default, and World events for BodyMove, Contacts & Sensors and with (optional) parallel event execution in the latest prerelease version :)
HughPH.Box2D 2025.5.11.226 -
via @dotnet : How we ended up rewriting NuGet Restore in .NET 9
https://ift.tt/7IYrfjh
#NuGet #DotNet9 #SoftwareEngineering #PerformanceOptimization #DependencyManagement #Microsoft #VisualStudio #Coding #DeveloperProductivity #OpenSource #TechBlog #SoftwareDeve… -
via @dotnet : .NET MAUI Performance Features in .NET 9
https://ift.tt/RkqBMNo
#DotNet #MAUI #DotNet9 #Performance #NativeAOT #Trimming #ApplicationSize #StartupTime #NuGet #Development #XAML #CompiledBindings #Profiling #DotNetTrace #DotNetGcdump #CrossPlatform …