Malicious NuGet package targets Stripe

ReversingLabs discovered a typosquatting NuGet package, StripeAPI.net, that closely mimics the popular Stripe.net library and contains injected code to capture Stripe API tokens and exfiltrate them to a Supabase-hosted database; the package used visual spoofing and inflated version/download counts to appear legitimate, but investigators found no evidence of real exfiltrated tokens and NuGet removed the package after notification.