Security news aggregator

Latest coverage for .NET

Stay informed on the latest .NET security updates and best practices in information security. Your hub for .NET cyber safety news and insights.

75 headlines in this view

.NET is a software development framework and ecosystem developed by Microsoft that allows developers to create applications and services across various platforms. With its comprehensive collection of libraries and compatibility with multiple programming languages, .NET is widely used for everything from server-side web applications to desktop programs.

In the context of information security, .NET provides a range of security features designed to help protect applications from threats and vulnerabilities. This includes mechanisms for authentication, authorization, secure communication, and encryption. Developers working with .NET need to be well-versed in these security capabilities to effectively safeguard their applications against potential cyber attacks, data breaches, and unauthorized access. The secure coding practices, along with the regular updates and patches in the .NET framework, are crucial for maintaining the security integrity of applications built on this platform.

Showing 20 most recent headlines of 75 Filtered view

Microsoft Security Research 1 week, 1 day ago

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with malicious sites also surfaced through AI chatbots. The post From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities appeared first on Microsoft Security Blog.

More from Microsoft Security Research 27 May 2026, 9:35 a.m. Incident · 3 stories .NET Artificial Intelligence Cryptojacking Microsoft

Info Security Magazine 2 months ago

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service

More from Info Security Magazine 1 Apr 2026, 3:00 a.m. .NET Credentials Remote Access Trojan

The Hacker News 2 months ago

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders

More from The Hacker News 31 Mar 2026, 1:18 a.m. .NET Credentials Microsoft Phishing Research Russia

The Hacker News 3 months, 1 week ago

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector

More from The Hacker News 26 Feb 2026, 11:09 p.m. .NET API Artificial Intelligence Disclosure Finance Impersonation Library Research

The Hacker News 3 months, 1 week ago

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data

More from The Hacker News 26 Feb 2026, 1:43 a.m. .NET Malware Node.js Research Theft Victims

Bank Info Security 5 months, 2 weeks ago

Russian Credential-Harvesting Apes Ukraine Webmail Platform

Widely Used ukr.net Is a Repeat Focus for APT28 Cyberespionage OperationsDon't expect cyber spies to respect distinctions between military and civilian networks, especially in times of war, warn researchers tracking persistent Russian military intelligence credential-harvesting attacks against users of Ukraine's popular, commercial UKR.NET webmail platform.

More from Bank Info Security 19 Dec 2025, 7:00 a.m. .NET Credentials Critical Infrastructure Military Research Russia Ukraine Widely Used

The Hacker News 5 months, 2 weeks ago

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine

More from The Hacker News 18 Dec 2025, 4:30 a.m. .NET Credentials Nation State Phishing Russia Threat Actor Ukraine

The Register 5 months, 4 weeks ago

Bots, bias, and bunk: How can you tell what's real on the net?

You can improve the odds by combining skepticism, verification habits, and a few technical checks Opinion Liars, cranks, and con artists have always been with us. It's just that nowadays their reach has gone from the local pub to the globe.…

More from The Register 5 Dec 2025, 10:30 p.m. .NET

The Register 6 months, 3 weeks ago

Data breach at Chinese infosec firm reveals cyber-weapons and target list

PLUS: India’s tech services exports growing fast; South Korea puts the bite on TXT spam; NTT gets into autonomous vehicles; and more! Asia In Brief Chinese infosec blog MXRN last week reported a data breach at a security company called Knownsec that has ties to Beijing and Chinas military.…

More from The Register 10 Nov 2025, 12:51 p.m. .NET Breach China Critical Infrastructure India Leak Military South Korea Spam

Bleeping Computer 7 months, 1 week ago

QNAP warns of critical ASP.NET flaw in its Windows backup software

QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing& up data to a QNAP network-attached storage (NAS) device. [...]

More from Bleeping Computer 28 Oct 2025, 5:55 a.m. .NET Backup Critical Flaw Microsoft Patch QNAP Vulnerability Warning

Bleeping Computer 7 months, 2 weeks ago

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. [...]

More from Bleeping Computer 18 Oct 2025, 4:35 a.m. .NET Flaw Microsoft Patch Vulnerability

The Register 7 months, 2 weeks ago

Microsoft kills 9.9-rated ASP.NET Core bug – 'our highest ever' score

Flaw in Kestrel web server allowed request smuggling, impact depends on hosting setup and application code Microsoft has patched an ASP.NET Core vulnerability with a CVSS score of 9.9, which security program manager Barry Dorrans said was "our highest ever." The flaw is in the Kestrel web server component and enables security bypass.…

More from The Register 17 Oct 2025, 2:32 a.m. .NET Bypass Flaw Microsoft Patch Vulnerability

Bank Info Security 8 months, 1 week ago

Teenage Scattered Spider Suspect Arrested in Las Vegas

Juvenile Male Tied to Hack Attacks Against MGM Resorts and Caesars EntertainmentThe net continues to close on suspected members of the notorious ransomware-wielding group called Scattered Spider, with Las Vegas police announcing the arrest of a teenage, juvenile male suspect tied to 2023 attacks that hit MGM Resorts and Caesars Entertainment.

More from Bank Info Security 23 Sep 2025, 2:30 a.m. .NET Hacking Ransomware

The Register 8 months, 3 weeks ago

Dev snared in crypto phishing net, 18 npm packages compromised

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two-factor authentication protecting his npm account.…

More from The Register 9 Sep 2025, 7:06 a.m. .NET Authentication Compromise Cryptocurrency Node.js Phishing Supply Chain

Dark Reading 8 months, 4 weeks ago

Sitecore Zero-Day Sparks New Round of ViewState Threats

The vulnerability marks the latest example of threat actors weaponizing exposed ASP.NET machine keys for remote injection and deserialization attacks.

More from Dark Reading 6 Sep 2025, 1:30 a.m. .NET 0-Day Exposure Threat Actor Vulnerability

Info Security Magazine 9 months ago

Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth

The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon

More from Info Security Magazine 1 Sep 2025, 10:00 p.m. .NET Amazon Microsoft Russia

Bleeping Computer 10 months ago

Microsoft now pays up to $40,000 for some .NET vulnerabilities

Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core vulnerabilities. [...]

More from Bleeping Computer 1 Aug 2025, 5:23 a.m. .NET Bug Bounty Microsoft Vulnerability

Info Security Magazine 10 months, 1 week ago

Widespread Net RFQ Scam Targets High-Value Goods

A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices

More from Info Security Magazine 23 Jul 2025, 3:30 a.m. .NET Scam

The Hacker News 10 months, 3 weeks ago

Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets

The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors

More from The Hacker News 10 Jul 2025, 4:26 a.m. .NET Exploit Exposure Initial Access Leak Palo Alto Networks Threat Actor

The Hacker News 1 year ago

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility

More from The Hacker News 20 May 2025, 3:48 a.m. .NET Compromise Malware Outage VMware Virtualisation

Loading more headlines...