SPIN Unprocessed July 2, 2026 ai_technology cybersecurity
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
View original on thehackernews.comSummary
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and
SpinGraph analysis pending — check back after processing.
Ask AI about this story
Opens with the SpinGraph .md URL and structured context — one click, prompt included.
More from The Hacker News
View all →- 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
- Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
- SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
- FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
- AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
- Identity Lifecycle Management Wasn't Built for AI Agents
Markdown (.md) · JSON-LD schema (.json) · Machine-readable for AI & GEO