#7
The Hacker News
general
July 02, 2026 at 07:24 UTC
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
By [email protected] (The Hacker News)
AI Summary
Attackers distributed a Python-based RAT called ChocoPoC via fake proof-of-concept exploit repositories on GitHub, specifically targeting vulnerability researchers by impersonating PoC code for high-profile CVEs. Once executed, ChocoPoC exfiltrates saved passwords, browser cookies, and files, and provides the attacker with a remote shell. YesWeHack researchers flagged the campaign, underscoring the persistent risk of supply-chain-style attacks against the security research community itself.
Relevance score: 79.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →