Phylum Discovers SeroXen RAT in Typosquatted NuGet Package
blog.phylum.io
On October 6, 2023, Phylum’s automated risk detection platform alerted us to a suspicious publication on NuGet. After working through several layers of obfuscation we ultimately discovered that this package was delivering SeroXen RAT. Background The package in question is Pathoschild.Stardew.Mod.Build.Config published by a user