♡ Follow 0
Malware
Attackers are distributing a data-stealing trojan named ChocoPoC through fake proof-of-concept (PoC) exploit repositories on GitHub, specifically targeting vulnerability researchers. The malware,…
Brave
Check Point VPN
ChocoPoC
Chrome
July 2, 2026
♡ Follow 0
Malware
ChocoPoC is a remote access trojan that hides in Python dependencies of fake PoC exploit repositories on GitHub. It steals credentials, cookies,…
ChocoPoC
credential theft
GitHub
PyPI
July 2, 2026
♡ Follow 0
Malware
WebRAT is a trojan that was pushed via fake CVE PoCs in late 2025, primarily targeting students and junior testers, as mentioned…
fake PoC
RAT
Students
WebRAT
July 2, 2026
♡ Follow 0
Malware
TinyRCT is a previously undocumented .NET backdoor discovered by Palo Alto Networks Unit 42. It is a lightweight remote access trojan capable…
.NET
AES-128
backdoor
CBC mode
June 26, 2026
♡ Follow 0
Malware
A remote access trojan delivered as a second-stage payload in the PolinRider campaign. Unpacked from encrypted payloads fetched via blockchain services like…
blockchain
DEV#POPPER RAT
RAT
remote access
June 25, 2026
♡ Follow 0
Malware
Cabbage RAT, also known as CageyChameleon, is a PowerShell-based remote access trojan used by North Korean threat actors for credential and data…
Cabbage RAT
credential theft
North Korea
PowerShell
June 25, 2026
♡ Follow 0
Malware
NarwhalRAT is a Python-based remote access trojan (RAT) used by the North Korean group ScarCruft. It is capable of keylogging, screen capture,…
APT37
NarwhalRAT
pCloud
Python
June 25, 2026
♡ Follow 0
Malware
BabaDeda Loader is a malware loader first documented by Morphisec in November 2021. It uses ClickFix social engineering to deliver payloads like…
BabaDeda Loader
ClickFix
information stealer
Morphisec
June 25, 2026
♡ Follow 0
Malware
EtherRAT is a remote access trojan (RAT) delivered via the Potemkin loader in ClickFix campaigns. It is used alongside RMMProject for credential…
ClickFix
EtherRAT
Potemkin
RAT
June 25, 2026
♡ Follow 0
Malware
SectopRAT, also known as ArechClient, is a remote access trojan delivered via BabaDeda Loader. It is deployed using DLL side-loading and provides…
ArechClient
BabaDeda Loader
DLL side-loading
RAT
June 25, 2026