Security News > 2025 > February > Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
2025-02-04 14:16
Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
News URL
https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html
Related news
- Remote Access Checklist (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features (source)