A malicious Go module, discovered by Socket’s Threat Research Team, has been exploiting the Go ecosystem by impersonating a legitimate cryptography library. This module, hosted on GitHub as github.com/xinfeisoft/crypto, mimics the well-known golang.org/x/crypto codebase but has been backdoored to capture sensitive credentials and deploy a Rekoobe backdoor. The threat actor behind this attack is leveraging […] The post Go Crypto Malware Steals Credentials and Deploys Rekoobe Backdoor via Supply Chain Breach appeared first on Cyber Security News.