ShellCodeX Intelligence Brief
CRITICAL
Cybersecurity
ChocoPoC RAT hides as fake PoC exploit code in GitHub repositories
Source headline: New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
Threat level: Critical
Signal strength: 85/100
Source confidence: 1 source
Published: 2 hours ago
Intelligence Summary
A Python-based RAT dubbed ChocoPoC is being distributed through fake GitHub proof-of-concept exploit repositories. The repos claim to target recently disclosed CVEs but instead deliver a trojan payload. Once run, the malware steals saved passwords, browser cookies, and other files. It then connects back to the attacker and provides a shell for further control. Vulnerability researchers and developers who execute PoC code from unverified sources should treat these repos as high risk and verify provenance before running anything.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.
Original reporting: The Hacker News, "New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos"