importantSYS.SOURCE: The Hacker News• 2026-07-02T12:54:23+05:30
ChocoPoC RAT Exploits Vulnerability Researchers via Malicious GitHub Proof-of-Concept Repositories
#Supply Chain Attack#Vulnerability Research#GitHub#PoC Exploit
A Remote Access Trojan named ChocoPoC is distributed within Python proof-of-concept (PoC) repositories on GitHub, tricking vulnerability researchers into executing malicious code. This mechanism leverages the researcher's habit of quickly testing and cloning community PoCs to facilitate infection.
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs.
Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and
*** END OF TRANSMISSION ***