New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs.

Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again. This week has the usual smell of prod on fire

Meta Caps Internal AI Token Spending After Costs Approach Billions in 2026

Meta Caps Internal AI Token Spending After Costs Approach Billions in 2026 Source: Hacker News

Attack Update: Top 5 Attack-IPs auf doode.info – 28.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 398 requests (recent log) 216.244.66.232 — 160 requests (recent log) 216.73.216.208 — 80 requests (recent