Security News > 2025 > February > Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
2025-02-04 14:16
Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
News URL
https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html
Related news
- QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features (source)
- Kimsuky hackers use new custom RDP Wrapper for remote access (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)