Supply-chain threat intelligence

Incident detail

criticalgo·typosquatting·github

Malicious code in github.com/boltdb-go/bolt (Go)

github.com/boltdb-go/bolt

Risk score

92

AI summary

Indexed incident for github.com/boltdb-go/bolt (go).

Description

This malicious Go package is a typosquat of the legitimate BoltDB package.
It contains a backdoor that enables remote code execution.

Technical details

Indicators

  • ghsa
    95%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents