Cybersecurity researchers have disclosed details of a
malicious Go module that's designed to harvest passwords, create
persistent access via SSH, and deliver a Linux backdoor named
Rekoobe. The Go module, github[.]com/xinfeisoft/crypto,
impersonates the legitimate "golang.org/x/crypto" codebase, but
injects malicious code that's responsible for exfiltrating secrets
entered via terminal password
Read more https://thehackernews.com/2026/02/malicious-go-crypto-module-steals.html
