HackerFeeds

CyberSecurity News

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

The Hacker News
· July 2, 2026

AI summary

Attackers are using a data-stealing trojan, known as ChocoPoC, to target vulnerability researchers. The malware is hidden inside fake exploit code in Python proof-of-concept repositories on GitHub, which claim to exploit newly discovered vulnerabilities. When run, the malware steals saved passwords, browser cookies, and files, and also provides the attacker with a shell on the compromised machine. The repositories are designed to appear as legitimate proof-of-concept exploit code, making them a convincing target for researchers. The malware is specifically aimed at those who hunt bugs for a living, posing a significant threat to their systems and data.

Read the full article at The Hacker Newsthehackernews.com/2026/07/new-chocopoc-rat-targets-vulnerability.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.