Key Findings A malicious NuGet package, codenamed "StripeApi.Net", was discovered impersonating the legitimate "Stripe.net" library from the financial services firm Stripe. The package was uploaded to the NuGet Gallery on February 16, 2026 by a user named "StripePayments". The package's NuGet page was designed to closely resemble the official Stripe.net package, using the same icon and a nearly identical readme. The package had an artificially inflated download count of over
