Rewards Hub Malicious NuGet packages uploaded by the account 'shanihai666' in 2025 are designed to disrupt databases and industrial PLCs, with activation set between August 2027 and November 2028. Discovered by Socket, these nine packages have been downloaded 9,488 times. The code, hidden within legitimate libraries, uses typosquatting tactics to target Microsoft SQL Server, PostgreSQL, SQLite, and Siemens S7 PLCs.
Once activated, the packages have a 20% chance of causing process termination or data corruption. This threat highlights the ongoing risks posed by malicious actors exploiting software distribution platforms to infiltrate critical systems.
Malicious NuGet Packages Target Databases and PLCs for 2027 Activation
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.