Spike in Supply Chain Attacks: Malicious npm Packages Target Cloud Credentials Through Typosquatting
May 29, 2026
Security researchers warn of a broader spike in supply chain attacks across npm and related ecosystems, with 14 malicious npm packages targeting cloud CI/CD secrets and campaigns using typosquatting and manufactured legitimacy to harvest credentials.
A malicious NuGet package called Sicoob.Sdk impersonates a Sicoob C# SDK to steal banking credentials and certificates from developers.
Versions 2.0.0 through 2.0.4 of Sicoob.Sdk exfiltrate client IDs, PFX certificate data, and PFX passwords by reading local PFX files, Base64-encoding them, and sending the data to a hardcoded Sentry endpoint, alongside captured Boleto API responses.
The threat actor behind the packages is identified as vpmdhaj ([email protected]); a campaign dated May 28, 2026 introduced multiple related packages targeting OpenSearch and similar tools.
Security recommendations call for immediately removing the Sicoob.Sdk package, treating PFX materials as compromised, rotating PFX passwords and client IDs, and auditing authentication and API logs for anomalies.
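As an added defender-side check (not code from the advisory or the Sicoob SDK project), this Python script scans a .csproj for PackageReference entries that name Sicoob.Sdk in the affected 2.0.0 through 2.0.4 range; the sample project file is constructed, and NuGet range or floating versions are flagged for manual review rather than resolved.

```python
import re
import xml.etree.ElementTree as ET

# Affected package and version range as stated in the advisory summary.
AFFECTED_PACKAGE = "sicoob.sdk"
AFFECTED_MIN = (2, 0, 0)
AFFECTED_MAX = (2, 0, 4)

# Constructed sample project file; not a real project.
SAMPLE_CSPROJ = """<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
    <PackageReference Include="Sicoob.Sdk" Version="2.0.3" />
  </ItemGroup>
</Project>"""

def parse_version(text):
    """Turn '2.0.3' or '2.0.4-rc1' into (major, minor, patch).
    Prerelease/build suffixes are dropped, so 2.0.4-rc1 is treated as 2.0.4
    (conservative: a prerelease of an affected version is still flagged)."""
    core = text.split("-")[0].split("+")[0]
    parts = []
    for piece in core.split("."):
        m = re.match(r"\d+", piece)
        if m is None:
            break
        parts.append(int(m.group()))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])

def is_affected(version):
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

def classify_reference(name, version):
    """'affected' for Sicoob.Sdk 2.0.0-2.0.4, 'review' for Sicoob.Sdk with a
    missing, floating or range version (not resolved here), else 'ok'."""
    if name.lower() != AFFECTED_PACKAGE:
        return "ok"
    if version is None or any(c in version for c in "[](),*"):
        return "review"
    return "affected" if is_affected(version) else "ok"

def find_affected_references(csproj_xml):
    """Return [(name, version, status)] for every reference that is not 'ok'."""
    hits = []
    for ref in ET.fromstring(csproj_xml).iter("PackageReference"):
        name = ref.get("Include") or ref.get("Update") or ""
        version = ref.get("Version")
        if version is None:  # version may sit in a child element instead
            elem = ref.find("Version")
            version = elem.text.strip() if elem is not None and elem.text else None
        status = classify_reference(name, version)
        if status != "ok":
            hits.append((name, version, status))
    return hits
```

A hit with status "affected" means the package should be removed and the PFX material, PFX passwords and client IDs treated as compromised, as the recommendations above state.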
Industry commentary notes a move from simple typosquatting to more sophisticated legitimacy-seeking attacks that reach downstream systems through compromised dependencies.
Observers tie this incident to ongoing supply chain attack trends across npm, PyPI, Docker Hub, and Packagist, underscoring the need for rigorous package vetting and secret management.
The attack leverages a misleading GitHub–NuGet mismatch and Google Search AI Mode to appear legitimate, broadening reach among developers seeking Sicoob integration.
Summary based on 1 source
Source

The Hacker News • May 29, 2026
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets