Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

Hey tech family, listen up—there's a sneaky Go module out there that's straight-up catfishing as an SSH brute-force tool. Published back on June 24, 2022, this bad boy doesn't just crack passwords; it's a full-blown credential thief, siphoning your SSH details through a Telegram bot and flying under the radar like a ghost in the machine.

Authored by Ravie Lakshmanan and dropped on August 24, 2025, this piece from The Hacker News is a must-read for anyone in the cyber game. It's tagged with all the key vibes: cybersecurity, GitHub, Go Programming, Malware, password, hackers, ssh security, Supply Chain Security, and Telegram—so you know it's legit and packed with intel.