// Alert

GitHub threat report

// GitHubMEDIUM

Researchers discovered multiple trojanized proof-of-concept exploits on GitHub delivering ChocoPoC, a Python-based remote access trojan targeting cybersecurity researchers. The malware is embedded via malicious Python packages ('frint' and 'skytext') listed as dependencies that are automatically fetched from PyPI upon cloning the malicious repositories. When executed, the compiled native extension decrypts and runs embedded Python code to steal data and execute commands.

// Get alerts for GitHub