{"id":"MAL-2025-2548","summary":"Malicious code in github.com/shallowmulti/hypert (Go)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: google-open-source-security (25d0e55a48f82ab8ddd5e90d258c133505fa7fea03b775c1987e0dd7f9453f08)\nMalcious typosquatting Go packages targeting Linux and macOS systems used to\nas a loader to download and run another malicious payload.\n","modified":"2025-03-19T23:58:41Z","published":"2025-03-19T23:58:41Z","database_specific":{"malicious-packages-origins":[{"source":"google-open-source-security","modified_time":"2025-03-19T23:58:41Z","ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"import_time":"2025-03-20T00:02:04.753834Z","sha256":"25d0e55a48f82ab8ddd5e90d258c133505fa7fea03b775c1987e0dd7f9453f08"}]},"references":[{"type":"ARTICLE","url":"https://socket.dev/blog/typosquatted-go-packages-deliver-malware-loader"}],"affected":[{"package":{"name":"github.com/shallowmulti/hypert","ecosystem":"Go","purl":"pkg:golang/github.com/shallowmulti/hypert"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/go/github.com/shallowmulti/hypert/MAL-2025-2548.json"}}],"schema_version":"1.7.3","credits":[{"name":"Socket","type":"FINDER"}]}