A new wave of malicious packages has been discovered in the NuGet package manager, marking an ongoing supply chain attack that started in August 2023. This recent campaign involves 60 malicious packages using a novel technique called IL weaving to inject harmful code into legitimate .NET binaries, ultimately delivering the SeroXen remote access trojan. The packages, disguised using homoglyphs to mimic popular open-source packages, have been taken down, but the attack underscores evolving methods to compromise software supply chains.