A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio’s MSBuild integration to execute code and install malware stealthily. […]
from https://www.bleepingcomputer.com/news/security/malicious-nuget-packages-abuse-msbuild-to-install-malware/