Home / Jul 03, 2026 / Story
0
#7 The Hacker News general July 02, 2026 at 07:24 UTC

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

By [email protected] (The Hacker News)

AI Summary

Attackers distributed a Python-based RAT called ChocoPoC via fake proof-of-concept exploit repositories on GitHub, specifically targeting vulnerability researchers by impersonating PoC code for high-profile CVEs. Once executed, ChocoPoC exfiltrates saved passwords, browser cookies, and files, and provides the attacker with a remote shell. YesWeHack researchers flagged the campaign, underscoring the persistent risk of supply-chain-style attacks against the security research community itself.

Relevance score: 79.0/100

# More from July 03