New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Read full story on The Hacker News
Share
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
AI disclosure

Summary

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.