Go Module Mirror Exposed Developers to Backdoor for Over 3 Years
A significant vulnerability has emerged in the Go programming language ecosystem, stemming from a backdoored package that was hosted on Google’s Go Module Mirror service for over three years. This package was only removed recently, following two petitions by researchers who identified the malicious code within it. The Go Module…