Single-Letter Go Module Typosquat Drops DNS
Source: Gbhackers
Published:
<p>A newly uncovered software supply chain attack targeting Go developers demonstrates how a single-character typo can silently introduce a persistent backdoor. A malicious Go module, github.com/shopsprint/decimal, designed to impersonate the widely trusted github.com/shopspring/decimal library used