The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Sophie Venz is a former Deputy Editor at Forbes Advisor. She is an experienced editor and features reporter, and has previously worked in the small business and start-up reporting space. Previously ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.