Go Module Mirror served backdoor to devs for 3+ years
A mirror proxy Google runs on behalf of developers of the Go programming language pushed a backdoored package for more than three years until Monday, after researchers who spotted the malicious code ...
The Hacker News6d
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Malicious Go package exploits Module Mirror caching to grant remote access, evading detection since November 2021.
Hidden backdoor in Go package remained undetected for years
Go, one of the most popular programming languages alongside "traditional" standards such as Python, C, and Visual Basic, was exploited to turn legitimate open-source projects into ...