A malicious typosquat package has been found in the Go language ecosystem. The package, which contains a backdoor to enable remote code execution, was discovered by researchers at the application security company Socket. A February 3 Socket blog post states that the package impersonates the widely used Bolt database module. The BoltDB package is widely adopted in the Go ecosystem,…
IT & Security News for Geeks