A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems.According to software supply chain security company Socket, the packages were published in 2023 and 2024 by a user named “shanhai666” and are designed to run malicious code after specific trigger dates in August 2027 and
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/11/hidden-logic-bombs-in-malware-laced.html
