#Go

#Go

At AspenView, we are passionate about transforming the way organizations approach technology. We specialize in creating high-performing, nearshore IT teams to help North American clients innovate faster and more efficiently. As we continue to grow, we're looking for exceptional people to join our team and help drive impactful change across industries. Why Join AspenView? At AspenView, we're more than a nearshore IT partner-we're a people-first, purpose-driven company that believes great culture drives great outcomes.

In total I probably spent around 45 minutes actively with it. It worked for around 3 hours while I was watching, then another 7 hours alone. This post is a recollection of what happened and what I learned from it. All prompting was done by voice using pi, starting with Opus 4.5 and switching to GPT-5.2 Codex for the long tail of test fixing.

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. "On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko said. The deceptive package, named "golang-random-ip-ssh-bruteforce," has been linked to a GitHub account called IllDieAnyway (G3TT), which is currently no longer accessible.

The v0.12 release of gopls features a core rewrite that allows it to scale to larger codebases, enhancing performance and reducing memory usage significantly.

A standardized CI/CD pipeline for microservices should address key challenges such as coordinating cross-service releases, managing backward compatibility, and preventing configuration duplication.