top of page
perceptive_background_267k.jpg

A pair of typosquatted Go packages posing as Google’s UUID library quietly turn helper functions into encrypted exfiltration channels to a paste site, putting d…

Published:

5 december 2025 om 13:42:12

Alert date:

5 december 2025 om 15:01:17

Source:

socket.dev

Click to open the original link from this advisory

Socket Threat Research Team discovered two malicious Go packages typosquatting Google's UUID library. The packages pose as legitimate UUID helpers while secretly exfiltrating data through encrypted channels to paste sites. This supply chain attack targets developers and CI/CD systems by impersonating a commonly used Google library. The malicious packages turn helper functions into data exfiltration mechanisms, putting sensitive developer and build system data at risk.

Technical details

Mitigation steps:

Affected products:

Google UUID Library
Go packages

Related links:

https://socket.dev/blog/malicious-go-packages-impersonate-googles-uuid-library-and-exfiltrate-data?utm_medium=feed
https://socket.dev/go/package/github.com/bpoorman/uuid

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page