The Hacker News

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Malicious NuGet package mimicking Nethereum stole crypto wallet keys using homoglyph tricks and fake downloads.

NET: A Heart and Sponsorship for NuGet Maintainers

NuGet package maintainers can now receive financial support from their users by adding sponsorship URLs to their packages.
Visual Studio Magazine

NuGet Inside the Firewall

NuGet extends Visual Studio by simplifying the process of installing and updating third-party libraries and tools. It has limitations in a local private network, however. Here's what you need to know, ...
Visual Studio Magazine

NuGet.org Adds Sponsorship Links to Support Package Maintainers

New NuGet.org feature lets package authors add sponsor links so users can support maintainers directly through approved funding platforms.
Developer Tech

NuGet attack highlights open-source software supply chain risk

An attack on the NuGet package registry shows how advanced open-source software supply chain attacks have become.
Redmond Magazine

How To Set Up an Internal NuGet Repository in PowerShell

As an organization grows larger, the need for a centralized repository of software and PowerShell modules will increase. Eventually, it becomes cumbersome to access resources from a file share. This ...
Ars Technica

nuget is utter garbage.

* Preface: I'm sure it's worked flawlessly for you since day one, and I am somehow an incompetent fool that can't RTFM. However, I base my opinions on facts from experience. I've had no problems with ...
Bleeping Computer

Popular open source project Moq criticized for quietly collecting data

Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Distributed on the NuGet software registry, Moq sees over ...