In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
The Armored Likho APT is targeting government and electric power organizations with modular RATs and information stealers.