Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
"On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko

Headline

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

The Hacker News: Latest News