Bleeping Computer

Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. NuGet is an open-source package manager and ...
Ars Technica

MSBuild and .netmodule project references

I've got a medium sized VS2008 solution with several native C++ projects, several C++/CLI projects, and a couple of C# projects in it (one of which outputs a DLL and the other outputs a .netmodule).
CSOonline

Malicious package campaign on NuGet abuses MSBuild integrations

Attackers are exploiting for the first time a known security risk in a popular MSBuild feature to place hard-to-detect malicious files in the .NET repository. Attackers are constantly coming up with ...