Attackers are hiding a data-stealing trojan inside fake
exploit code aimed at the people who hunt bugs for a living. The
malware, called ChocoPoC, travels in Python proof-of-concept (PoC)
repositories on GitHub that claim to exploit hot new CVEs. Run one,
and it quietly lifts your saved passwords, browser cookies, and
files, then hands the attacker a shell on your
machine. YesWeHack and
Read more https://thehackernews.com/2026/07/new-chocopoc-rat-targets-vulnerability.html

