Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and CI environments. The package imitates Go’s trusted cryptography library to turn ordinary password prompts into a full compromise chain quietly. On pkg.go.dev it appears as a normal cryptography library with […]

The post Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.