Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 8 days ago

Poisoned Go programming language package lay undetected for 3 years

go.theregister.com

1

10

Poisoned Go programming language package lay undetected for 3 years

go.theregister.com

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 8 days ago

1

Researcher says ecosystem’s auto-caching is a net positive but presents exploitable quirks A security researcher says a backdoor masquerading as a legitimate Go programming language package used by thousands of organizations was left undetected for years.…

You must log in or register to comment.

Chat

Arghblarg@lemmy.ca
link
fedilink
English
arrow-up
3·
8 days ago
TLDR: repo github.com/boltdb/bolt is legit, don’t use any similarly-named copies, supposedly.

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

14 users / day
146 users / week
1.19K users / month
3.54K users / 6 months
1 local subscriber
682 subscribers
1.57K Posts
1.25K Comments
Modlog

mods:
krogoth@infosec.pub