Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer.
The malicious package, named « Tracer.Fody.NLog, » remained on the repository for nearly six years. It was published by a user named « csnemess » on February 26, 2020. It masquerades as « Tracer.Fody, »
