TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

By rooter

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

rooter
Cyber Security

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

rooter
Cyber Security

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

rooter

Leave a Reply

You Missed

News

The Legend That Defined the Music of ‘Final Fantasy’ Is Getting the Biography He Deserves

News

Obedient Traders Respond to Claude Code Cybersecurity Plugin by Selling Cybersecurity Stocks

News

The Original 151 Pokémon and Their History Are Up for Auction

News

Georgia says Elon Musk’s America PAC violated election law