Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
04 February 2025
Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems.
The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to