A Chinese-linked cyberespionage group has been exposed after hardcoded credentials were discovered in its backdoors, revealing internal operations and testing environments. Researchers found a trove of Go-based malware that included command-and-control credentials, allowing them to access thousands of messages related to campaigns targeting a Mongolian government agency. Embedding these credentials in the malware is a significant operational security failure. The discovery has provided valuable insights into the group's tactics, techniques, and procedures, including its targeting of government agencies. The exposure of these credentials has likely compromised the group's operations and may force it to retool and reassess its strategies. This matters to cybersecurity practitioners because it highlights the importance of secure coding practices and the potential consequences of poor operational security, which can lead to the disruption of even sophisticated cyberespionage campaigns.