Typosquatted Go Packages Deliver Malware Loader Targeting Linux and macOS (socket.dev) 11 points by feross 1y ago ↗ HN
[–] rn3aoh 1y ago ↗ There are something like 50 Github accounts spamming clones of packages with no git history, which still somehow show as forks of existing packages, and contain the same malicious loader. I reported a few, but this is a bit beyond me.
2 comments
[ 3.1 ms ] story [ 16.1 ms ] thread