{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreic3m2sxf5vsi7xiy25oxbizeqzpxizhi3yrdw5eatuzs3wobj76cy",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mmyktlj2izy2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigqiu5ib5xfurrmc4p7b7tnu2lxh3hox53yfsjviqadglxeidbb2i"
    },
    "mimeType": "image/jpeg",
    "size": 152547
  },
  "path": "/2026/05/malicious-sicoob-nuget-steals-banking.html",
  "publishedAt": "2026-05-29T09:11:25.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certificates.\n\nAccording to Socket, versions 2.0.0 through 2.0.4 of \"Sicoob.Sdk\" contain functionality to exfiltrate sensitive information, including PFX certificates that are used to",
  "title": "Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets"
}