Web Scouter
Back to News
Security NewsHighIncidentsupply chain

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

UnknownFeb 27, 2026(about 1 month ago)

A malicious Go module impersonating a legitimate crypto library steals passwords and deploys a Linux backdoor.

Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, but injects malicious code that's responsible for exfiltrating secrets entered via terminal password

Related News

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Unknown31 minutes ago

FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers

Unknownabout 2 hours ago

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Unknownabout 2 hours ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.