Cybersecurity analysts have identified a collection of 11 harmful Go packages intended to retrieve extra payloads from distant servers and run them on both Windows and Linux platforms.
“During execution, the code discreetly initiates a shell, fetches a secondary payload from a rotating array of .icu and .tech command-and-control (C2) servers, and executes it within memory,” Socket security.