• bad_news@lemmy.billiam.net
    link
    fedilink
    arrow-up
    0
    ·
    1 month ago

    Didn’t beaconDB have a thing where their Go library was compromised for like a year, or am I thinking of another project? 😬

    • unique_hemp@discuss.tchncs.de
      link
      fedilink
      arrow-up
      0
      ·
      1 month ago

      If you’re thinking about the recent thing, the real Go library (boltdb/bolt) was not compromised at all. The malware was in a similarly named package (boltdb-go/bolt), this is called “typosquatting”.

      Link to article