Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access – The Hacker News

by [email protected] (The Hacker News) · February 4, 2025

Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems.
The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to –

Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access – The Hacker News

Leave a Reply Cancel reply

Recent Posts