Malicious Go packages disguised as Google’s UUID tools stole sensitive data for years by exploiting typosquatting. Here’s how attackers blended in, what was stolen, and how developers can defend against such supply chain threats.
#Go packages | #Typosquatting | #Data exfiltration