ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Cybersecurity

ChocoPoC RAT hides as fake PoC exploit code in GitHub repositories

Source headline: New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 2 hours ago

Intelligence Summary

A Python-based RAT dubbed ChocoPoC is being distributed through fake GitHub proof-of-concept exploit repositories. The repos claim to target recently disclosed CVEs but instead deliver a trojan payload. Once run, the malware steals saved passwords, browser cookies, and other files. It then connects back to the attacker and provides a shell for further control. Vulnerability researchers and developers who execute PoC code from unverified sources should treat these repos as high risk and verify provenance before running anything.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#github #rat #python #chocopoc #password-stealing #trojan
Original reporting The Hacker News New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
Open original source