

Malicious Go module, new Mirai botnet, Silk Typhoon exploits cloud
24 snips Aug 25, 2025
Discover the alarming rise of a malicious Go module that is stealing SSH credentials via Telegram. A Mirai-based botnet is back, launching attacks on systems around the globe. Silk Typhoon hackers are using cloud trust relationships to infiltrate and exploit their targets. The discussion also touches on recent exploits by Murky Panda, legislative moves to modernize cybersecurity roles, and a mysterious blockade at Port 443 in China, hinting at strategic government motives. It's a deep dive into today's evolving cyber threat landscape.
Go Module Steals SSH Credentials
- A malicious Go module disguised as an SSH brute-force tool exfiltrates successful credentials to a hard-coded Telegram bot.
- Socket researchers found it scans random IPv4s, brute-forces SSH, and sends IP, username, and password to the attacker.
Mirai Variant Resurfaces With New Exploits
- A Mirai-based botnet renewed activity by integrating old Mirai code with n-day and zero-day exploits.
- FortiGuard Labs noted it targets various routers and smart devices and even launches DDoS attacks against researchers tracking it.
Threat Actors Exploit Cloud Trust
- Silk Typhoon (Murky Panda/Hafnium) exploits cloud provider trust relationships to access downstream customers.
- CrowdStrike warns such breaches blend with legitimate cloud activity and are less monitored than credential theft.