{"id":17129,"date":"2025-08-07T13:19:00","date_gmt":"2025-08-07T13:19:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/"},"modified":"2025-08-07T13:19:00","modified_gmt":"2025-08-07T13:19:00","slug":"malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems.<br \/>\n&#8220;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory,&#8221; Socket security<a href=\"https:\/\/thehackernews.com\/2025\/08\/malicious-go-npm-packages-deliver-cross.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &#8220;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17130,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &quot;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &quot;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-08-07T13:19:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-08-07T13:19:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &quot;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/npm-go-D0y1GW.jpg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-08-07T13:19:00+00:00\",\"dateModified\":\"2025-08-07T13:19:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. \\\"At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/npm-go-D0y1GW.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/07\\\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-08-07T13:19:00+00:00\",\"dateModified\":\"2025-08-07T13:19:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. \"At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#blogposting","name":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/npm-go-D0y1GW.jpg","width":728,"height":380},"datePublished":"2025-08-07T13:19:00+00:00","dateModified":"2025-08-07T13:19:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#listItem","name":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/","name":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. \"At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/npm-go-D0y1GW.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-08-07T13:19:00+00:00","dateModified":"2025-08-07T13:19:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &quot;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-08-07T13:19:00+00:00","article:modified_time":"2025-08-07T13:19:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. &quot;At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes"},"aioseo_meta_data":{"post_id":"17129","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-08-07 13:53:56","updated":"2025-10-15 16:11:12","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMalicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/07\/malicious-go-npm-packages-deliver-cross-platform-malware-trigger-remote-data-wipes-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17129"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17129\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17130"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}