Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems.”At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory,” Socket security
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/08/malicious-go-npm-packages-deliver-cross.html
