Cybersecurity analysts have uncovered a harmful Go module that masquerades as a brute-force utility for SSH but genuinely incorporates features to stealthily transfer credentials to its originator.
“Upon the initial successful login, the package transmits the target IP address, username, and password to a predefined Telegram bot managed by the malicious actor,” stated Socket researcher Kirill Boychenko.