🦊 GitLab @gitlab on x 167.8K followers
Created: 2025-06-30 14:32:05 UTC
🚨 Supply Chain Attack Caught in the Wild
Our Vulnerability Research team recently flagged a live typosquatting attack in the Go ecosystem—qiniiu/qmgo, a near-identical clone of the popular MongoDB driver.
What stood out:
→ Malicious code hidden in NewClient to trigger during normal app use
→ Multi-layered payload delivery ending in a full remote access trojan
→ Attackers re-uploaded a second variant just days later—we caught that too
💡 These threats are subtle but serious. Our automated system—powered by heuristics, AI, and human review—detected and stopped it fast.
🔗 Full breakdown, IOCs, and defense tips in the blog:
[Post Link](https://x.com/gitlab/status/1939693427328713027)