Supply chain attacks through package management systems is not new however there does not seem to be much written about nuget. Let me just fix that for you.

So this is the first time I've written about a security issue. I decided to write about this as the vendor was unresponsive and looking their previous CVEs it seems to be a pattern. The other reason is that if any organisation is using this product, most of their machines are at risk.