Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Researchers have identified a malicious Go module that masquerades as an SSH brute-force tool, but its true purpose is to steal credentials. Upon a successful login, it sends sensitive information to a Telegram bot controlled by the attacker.