ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
Attackers are distributing a Python-based remote access trojan named ChocoPoC through fake proof-of-concept exploit repositories on GitHub. The malware hides in malicious Python packages on PyPI, automatically installed when victims clone a repository. ChocoPoC steals passwords, browser cookies, and files, and gives attackers shell access. The campaign targets cybersecurity researchers.
Tracked by ByteBrief