Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2025/08/07 1:19 p.m.6 views

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/05 7:7 a.m.20 views

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. "The threat actor has published at least seven packages impersonating widely used Go libraries,...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/04 2:16 p.m.13 views

Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access

Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB...

8.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.5 views

Fedora 37 : golang-github-facebookincubator-contest / etc (2022-53fdd2d9c4)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-53fdd2d9c4 advisory. Rebuild for CVE-2022-24675,28327,29526 in golang and other go ecosystem CVEs These packages were missed in the initial rawhide go ecosystem rebuild a couple...

5.6AI score
Exploits0References1
Filippo.io
Filippo.io
added 2024/01/30 5:48 p.m.26 views

Post-quantum Cryptography for the Go Ecosystem

filippo.io/mlkem768 is a pure-Go implementation of ML-KEM-768 optimized for correctness and readability. ML-KEM formerly known as Kyber, renamed because we can't have nice things is a post-quantum key exchange mechanism in the process of being standardized by NIST and adopted by most of the...

6.7AI score
Exploits0
Rows per page
Query Builder