Boleto

A malicious NuGet package posing as a Sicoob SDK stole banking credentials and certificate data from developers before being blocked, according to a technical analysis. Researchers said the package could expose payment-related API responses too.