CyberSecurity News
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
AI summary
Attackers are using a data-stealing trojan, known as ChocoPoC, to target vulnerability researchers. The malware is hidden inside fake exploit code in Python proof-of-concept repositories on GitHub, which claim to exploit newly discovered vulnerabilities. When run, the malware steals saved passwords, browser cookies, and files, and also provides the attacker with a shell on the compromised machine. The repositories are designed to appear as legitimate proof-of-concept exploit code, making them a convincing target for researchers. The malware is specifically aimed at those who hunt bugs for a living, posing a significant threat to their systems and data.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

