Hidden backdoor in Go package remained undetected for years

Go, a popular programming language prioritizing memory safety and security, was exploited in a supply chain attack through the Google proxy service, affecting the boltdb package. The malicious module contained a backdoor payload, allowing threat actors to control infected systems through a hidden IP and port address. Despite facing resistance, security company Socket Inc. played a crucial role in getting the malicious package removed from Google’s Go Module Mirror.

Full Article

Hidden backdoor in Go package remained undetected for years

‘BACK TO PLASTIC!’: Trump, by executive order, wants plastic straws

Mikel Arteta wants to strengthen Arsenal defence by signing £70 million-rated centre-back amid Real Madrid interest in William Saliba: Reports

Related Posts

Musk and Altman Face Accusations in OpenAI Trial

UK regulator investigates Microsoft Office for antitrust concerns

Men use vocal fry more than women, contrary to stereotypes

Stealer backdoor discovered in three Node-IPC versions targeting developer secrets

Subnautica 2 launches successfully on Steam

Dyson adds camera to air purifier for improved air circulation

CATEGORIES

LATEST NEWS STORIES

Welcome Back!

Retrieve your password