New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs.

Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution F5 has released security updates to address two critical security flaws in NGINX Open Source that could be

Attack Update: Top 5 Attack-IPs auf doode.info – 26.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 238 requests (recent log) 45.148.10.200 — 74 requests (recent log) 216.244.66.232 — 50 requests (recent