Cybersecurity Researchers Uncover XDigo Malware Targeting Eastern European Governments

Cybersecurity researchers have discovered a Go-based malware called XDigo, used in attacks targeting government entities in Eastern Europe in March 2025. The attack chains exploited a collection of Windows shortcut files (LNK) in a multi-step procedure to deploy the malware, according to the French cybersecurity company HarfangLab. XDSpy is the name given to a group of cyber attackers involved in these incidents.