Skip to content
supplychainattack.orgSupply chain attack incident catalog

Go supply chain incidents

18 confirmed incidents affecting the go ecosystem.

  1. activecritical

    Malicious code in github.com/BufferZoneCorp/go-stdlib-ext (Go)

    The Go package github.com/BufferZoneCorp/go-stdlib-ext contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  2. resolvedcritical

    Malicious code in github.com/belatedplanet/hypert (Go)

    A malicious Go package github.com/belatedplanet/hypert was identified as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  3. activecritical

    Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)

    The Go package github.com/BufferZoneCorp/go-envconfig contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. This package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  4. activecritical

    Malicious code in github.com/BufferZoneCorp/go-metrics-sdk (Go)

    The Go package github.com/BufferZoneCorp/go-metrics-sdk contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  5. activecritical

    Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)

    The Go package github.com/BufferZoneCorp/go-stdlog contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  6. containedcritical

    Malicious code in github.com/utilizedsun/layout (Go)

    Malicious Go package github.com/utilizedsun/layout was identified as a typosquatting attack targeting Linux and macOS systems. The package functions as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  7. resolvedcritical

    Malicious code in github.com/vainreboot/layout (Go)

    A malicious Go package github.com/vainreboot/layout was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  8. activecritical

    Malicious code in github.com/BufferZoneCorp/go-retryablehttp (Go)

    Malicious code was discovered in the Go package github.com/BufferZoneCorp/go-retryablehttp. The package steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  9. containedcritical

    Malicious code in github.com/BufferZoneCorp/net-helper (Go)

    The Go package github.com/BufferZoneCorp/net-helper contains malicious code that steals credentials, establishes SSH access, and tampers with build/workflow environment variables. This package is part of a broader malicious cluster affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  10. activecritical

    Malicious code in github.com/BufferZoneCorp/grpc-client (Go)

    The Go package github.com/BufferZoneCorp/grpc-client contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. The package is part of a broader BufferZoneCorp and RubyGems cluster of malicious packages.

    GoCompromised packageMalicious maintainer
  11. resolvedcritical

    Malicious code in github.com/thankfulmai/hypert (Go)

    A malicious Go package github.com/thankfulmai/hypert was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  12. resolvedcritical

    Malicious code in github.com/shadowybulk/hypert (Go)

    A malicious Go package, github.com/shadowybulk/hypert, was published as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  13. resolvedcritical

    Malicious code in github.com/ornatedoctrin/layout (Go)

    A malicious Go package github.com/ornatedoctrin/layout was identified as a typosquatting attack targeting Linux and macOS systems. The package functioned as a loader to download and execute additional malicious payloads.

    GoTyposquattingCompromised package
  14. resolvedcritical

    Malicious code in github.com/shallowmulti/hypert (Go)

    A malicious Go package github.com/shallowmulti/hypert was published as a typosquatting attack, designed to act as a loader for downloading and executing additional malicious payloads on Linux and macOS systems. The package was identified and reported via the GitHub Advisory Database.

    GoTyposquattingCompromised package
  15. containedcritical

    Malicious code in github.com/BufferZoneCorp/log-core (Go)

    The Go package github.com/BufferZoneCorp/log-core was identified as malicious, part of a cluster that steals credentials, establishes SSH access, and tampers with build/workflow environment variables. The package was flagged by Google's open-source security research.

    GoCompromised packageMalicious commit
  16. activecritical

    Malicious code in github.com/BufferZoneCorp/go-weather-sdk (Go)

    The Go package github.com/BufferZoneCorp/go-weather-sdk contains malicious code that steals credentials, establishes SSH access, and tampers with build and workflow environment variables. It is part of a broader cluster of malicious packages affecting both Go and RubyGems ecosystems.

    GoCompromised packageMalicious maintainer
  17. activecritical

    Malicious code in github.com/boltdb-go/bolt (Go)

    github.com/boltdb-go/bolt is a malicious Go package that typosquats the legitimate BoltDB library. It contains a backdoor enabling remote code execution on systems that install it.

    GoTyposquattingCompromised package
  18. containedcritical

    Malicious code in github.com/BufferZoneCorp/config-loader (Go)

    The Go package github.com/BufferZoneCorp/config-loader was identified as malicious, part of a cluster of packages designed to steal credentials, establish SSH access, and tamper with build and workflow environment variables. The package was flagged by Google's open-source security research.

    GoCompromised packageMalicious maintainer