Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
« On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor, » Socket researcher Kirill Boychenko
