Go supply chain incidents
18 confirmed incidents affecting the go ecosystem.
- activecritical
Malicious code in github.com/BufferZoneCorp/go-stdlib-ext (Go)
The Go package github.com/BufferZoneCorp/go-stdlib-ext contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - resolvedcritical
Malicious code in github.com/belatedplanet/hypert (Go)
A malicious Go package github.com/belatedplanet/hypert was identified as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - activecritical
Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)
The Go package github.com/BufferZoneCorp/go-envconfig contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. This package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - activecritical
Malicious code in github.com/BufferZoneCorp/go-metrics-sdk (Go)
The Go package github.com/BufferZoneCorp/go-metrics-sdk contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - activecritical
Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)
The Go package github.com/BufferZoneCorp/go-stdlog contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - containedcritical
Malicious code in github.com/utilizedsun/layout (Go)
Malicious Go package github.com/utilizedsun/layout was identified as a typosquatting attack targeting Linux and macOS systems. The package functions as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - resolvedcritical
Malicious code in github.com/vainreboot/layout (Go)
A malicious Go package github.com/vainreboot/layout was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - activecritical
Malicious code in github.com/BufferZoneCorp/go-retryablehttp (Go)
Malicious code was discovered in the Go package github.com/BufferZoneCorp/go-retryablehttp. The package steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - containedcritical
Malicious code in github.com/BufferZoneCorp/net-helper (Go)
The Go package github.com/BufferZoneCorp/net-helper contains malicious code that steals credentials, establishes SSH access, and tampers with build/workflow environment variables. This package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - activecritical
Malicious code in github.com/BufferZoneCorp/grpc-client (Go)
The Go package github.com/BufferZoneCorp/grpc-client contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader BufferZoneCorp and RubyGems cluster of malicious packages.
GoCompromised packageMalicious maintainer - resolvedcritical
Malicious code in github.com/thankfulmai/hypert (Go)
A malicious Go package github.com/thankfulmai/hypert was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - resolvedcritical
Malicious code in github.com/shadowybulk/hypert (Go)
A malicious Go package, github.com/shadowybulk/hypert, was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - resolvedcritical
Malicious code in github.com/ornatedoctrin/layout (Go)
A malicious Go package github.com/ornatedoctrin/layout was identified as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.
GoTyposquattingCompromised package - resolvedcritical
Malicious code in github.com/shallowmulti/hypert (Go)
A malicious Go package github.com/shallowmulti/hypert was published as a typosquatting attack, designed to act as a loader for downloading and executing additional malicious payloads on Linux and macOS systems. The package was identified and reported via the GitHub Advisory Database.
GoTyposquattingCompromised package - containedcritical
Malicious code in github.com/BufferZoneCorp/log-core (Go)
The Go package github.com/BufferZoneCorp/log-core was identified as malicious, part of a cluster that steals credentials, establishes SSH access, and tampers with build/workflow environment variables. The package was flagged by Google's open-source security research.
GoCompromised packageMalicious commit - activecritical
Malicious code in github.com/BufferZoneCorp/go-weather-sdk (Go)
The Go package github.com/BufferZoneCorp/go-weather-sdk contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.
GoCompromised packageMalicious maintainer - activecritical
Malicious code in github.com/boltdb-go/bolt (Go)
github.com/boltdb-go/bolt is a malicious Go package that typosquats the legitimate BoltDB library. It contains a backdoor enabling remote code execution on systems that install it.
GoTyposquattingCompromised package - containedcritical
Malicious code in github.com/BufferZoneCorp/config-loader (Go)
The Go package github.com/BufferZoneCorp/config-loader was identified as malicious, part of a cluster of packages designed to steal credentials, establish SSH access, and tamper with build and workflow environment variables. The package was flagged by Google's open-source security research.
GoCompromised packageMalicious maintainer