Malicious Go Crypto Module Steals Passwords and Deploys Rekoobe Backdoor
A sophisticated supply chain attack has been uncovered targeting Go developers through a malicious module that impersonates the legitimate golang.org/x/crypto library. The attack demonstrates how threat actors are increasingly exploiting namespace confusion to compromise developer environments and deploy persistent backdoors. The Attack Mechanism Security researchers at Socket discovered the malicious module github[.]com/xinfeisoft/crypto, which masquerades as…