[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGpK0SDtikDgQMgaszJrf53tuAgDs64ycpo8sY68PCMM":3},{"article":4,"iocs":51},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"be1f9eee-ce82-492b-bc0a-3b5d44596cc9","New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos","new-chocopoc-rat-targets-vulnerability-researchers-via-fake-poc-exploit-repos-a0ec5c","Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and","Attackers are distributing a remote access trojan named ChocoPoC hidden within fake Python proof-of-concept (PoC) exploit repositories on GitHub. The malware is designed to steal credentials, browser data, and files from vulnerability researchers, and has been observed targeting high-profile CVEs. The campaign leverages a dependency confusion technique, hiding the malicious payload within a seemingly legitimate Python package.","ChocoPoC RAT targets vulnerability researchers via fake Python exploit PoC repositories on GitHub.","New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos Swati KhandelwalJul 02, 2026Malware \u002F Vulnerability Research Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. 
Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and Sekoia published their joint findings on July 1 and warned that, as of that report, the malware and its servers were still live, so do not run any of these PoCs. The trick is where the code sits. The visible PoC looks clean. The malware hides in a Python package that the PoC pulls in as a dependency, so it slips past a quick code review. How the trap works The bait is time pressure. When a big flaw drops, researchers race to test it and grab community PoCs to move fast. This campaign turns that habit into an infection route. The chain, in plain terms: You clone the repo and run pip install to fetch the PoC's requirements. That pulls in a package named frint, which in turn drags in a second package, skytext. skytext ships a small compiled file (gradient.so on Linux, gradient.pyd on Windows) that runs the moment you launch the PoC. It only wakes up when it sees the real PoC loaded, checking for a file named EXPLOIT_POC.py or similar, then unpacks its payload and downloads the trojan. That last check is why a plain sandbox sees nothing. Detonate the package on its own, without the full PoC around it, and the malware stays asleep. What it steals and does Once running, ChocoPoC is a full remote access trojan. It pulls saved passwords, cookies, autofill, and history from Chrome, Brave, Edge, and Firefox. It grabs text files, notes, and local databases, along with shell history, network settings, and the list of running processes. The attacker can also run any shell command, run arbitrary Python, pull whole folders, and slow the malware down to stay quiet. Several command names are in Spanish, and the code carries small bugs, which the researchers read as hand-written rather than AI-generated. For control, the malware hides in plain sight. 
It reads its orders from a dataset on Mapbox, a normal mapping service, using it as a dead drop. It resolves that address over DNS-over-HTTPS and uses a domain-fronting trick, so the traffic looks like ordinary Mapbox API calls. Larger uploads go to a separate server at 91.132.163.78. How far has it spread YesWeHack and Sekoia found at least seven fake PoC repos, each tied to a high-profile flaw: FortiWeb path traversal (CVE-2025-64446) React2Shell (CVE-2025-55182) MongoBleed (CVE-2025-14847) PAN-OS auth bypass (CVE-2026-0257) Ivanti Sentry command injection (CVE-2026-10520) Check Point VPN auth bypass (CVE-2026-50751) Joomla SP Page Builder RCE (CVE-2026-48908) The skytext package alone was downloaded about 2,400 times, mostly on Linux. Downloads do not prove anyone was infected, but they spiked right after major CVEs went public, which fits the lure. An earlier run of the same campaign, going back to late 2025, used two other packages, slogsec and logcrypt.cryptography, with near-identical code. Sekoia assesses with high confidence that one actor is behind both, based on reused control markers. It says the operator rotated through GitHub, PyPI, and Mapbox accounts, several built from leaked or stolen logins. No known group has been named. Security researchers make a rich target. They run untrusted code by design, often with high privileges, and their machines hold client credentials, private reports, and details of live engagements. Compromise one, and you can reach far past a single laptop. The MUT-1244 campaign showed the payoff, using fake PoC repositories to steal SSH keys and cloud credentials from red teamers and researchers. This is not a new idea, only a new wrapper. North Korea's Lazarus group has courted researchers for years, posing as fellow bug hunters and shipping malicious Visual Studio projects in 2021, then burning a zero-day on them in 2023, with fresh waves since. 
On the commodity-crime side, Trend Micro found a fake PoC for a Windows LDAP flaw (CVE-2024-49113) that stole researcher data in early 2025, and a separate campaign pushed fake CVE PoCs carrying a trojan called WebRAT in late 2025, mostly hitting students and junior testers. What ChocoPoC adds is the hiding spot. The malware lives in a dependency, so the PoC you actually read stays clean. As the researchers put it, the malware itself is old news, but \"what is changing is the delivery mechanism.\" What to do now Treat any PoC as hostile until proven otherwise, and steer clear of code from brand-new or unknown accounts. Read the full dependency chain, not just the PoC file. Watch for freshly published packages, unfamiliar maintainers, and accounts with hidden history. Test only in a throwaway VM, but remember isolation alone will not trip this one. The real fix is not installing the packages at all. Check your systems for frint, skytext, slogsec, and logcrypt.cryptography, plus the file hashes in the report. If you ran any of them, rotate credentials and rebuild the host. The bigger risk is downstream. These lures target the researchers who supply detections and PoCs to frameworks like Nuclei and MDUT. Sekoia flags the danger of a double supply chain hit: poison one researcher, and the bad code can ride into a framework thousands of others trust.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F07\u002Fnew-chocopoc-rat-targets-vulnerability.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEjd_BdKzn7-7TCZJfnsZBy25kGm8xiQTrJquj8vMVsjlRXf7LXqMiJLQs8ic-lNLRc51whJzP-B4Nv9OOzfgOSHKzmIjZFv0krEDBuSeuXXNj-OccwbpBBBBIofZFMBT4DaThqLeE2Bsx-Nkp8aZZfEs6tVB43kby1L5UbtPjauqfedlANNzOYGrNB7ec5o\u002Fs1600\u002Ffake.jpg","2026-07-02T07:24:23+00:00","2026-07-02T08:00:07.310104+00:00",9,[18,21,24,26,28,30],{"name":19,"type":20},"ChocoPoC","product",{"name":22,"type":23},"Python","technology",{"name":25,"type":23},"Proof-of-Concept (PoC)",{"name":27,"type":20},"frint",{"name":29,"type":20},"skytext",{"name":31,"type":32},"Mapbox","vendor","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":33,"icon":35,"name":36,"slug":37},null,"Malware","malware",[39,44,46],{"category":40},{"id":41,"icon":35,"name":42,"slug":43},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":45},{"id":33,"icon":35,"name":36,"slug":37},{"category":47},{"id":48,"icon":35,"name":49,"slug":50},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[52,56,60,62,65,68,70,71,74,76,80,83,86,89,92,95],{"type":53,"value":54,"context":55},"domain","mapbox.com","Used as a dead drop for command and control via domain fronting.",{"type":57,"value":58,"context":59},"ip","91.132.163.78","IP address for larger uploads by the ChocoPoC malware.",{"type":37,"value":19,"context":61},"Name of the remote access trojan.",{"type":37,"value":63,"context":64},"gradient.so","Compiled payload file on Linux.",{"type":37,"value":66,"context":67},"gradient.pyd","Compiled payload file on Windows.",{"type":37,"value":27,"context":69},"Malicious Python package name.",{"type":37,"value":29,"context":69},{"type":37,"value":72,"context":73},"slogsec","Earlier malicious Python package 
name.",{"type":37,"value":75,"context":73},"logcrypt.cryptography",{"type":77,"value":78,"context":79},"cve","CVE-2025-64446","FortiWeb path traversal vulnerability targeted.",{"type":77,"value":81,"context":82},"CVE-2025-55182","React2Shell vulnerability targeted.",{"type":77,"value":84,"context":85},"CVE-2025-14847","MongoBleed vulnerability targeted.",{"type":77,"value":87,"context":88},"CVE-2026-0257","PAN-OS auth bypass vulnerability targeted.",{"type":77,"value":90,"context":91},"CVE-2026-10520","Ivanti Sentry command injection vulnerability targeted.",{"type":77,"value":93,"context":94},"CVE-2026-50751","Check Point VPN auth bypass vulnerability targeted.",{"type":77,"value":96,"context":97},"CVE-2026-48908","Joomla SP Page Builder RCE vulnerability targeted."]