Socket’s Threat Research Team has identified eleven malicious Go packages distributed via GitHub, with ten remaining active on the Go Module Mirror, posing ongoing risks to developers and CI/CD pipelines. Eight of these packages employ typosquatting techniques, mimicking legitimate modules to exploit namespace confusion in Go’s decentralized ecosystem, where direct imports from repositories can lead […] The post Malicious Go Packages Used by Threat Actors to Deploy Obfuscated Remote Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/malicious-go-packages-used-by-threat-actors/
