Sicoob news

A malicious NuGet package, "Sicoob.Sdk," is impersonating a software development kit for a major Brazilian financial system. Versions 2.0.0 to 2.0.4 are designed to steal sensitive developer information, including client IDs and PFX certificates, posing a significant software supply chain security risk.