Deceptive GitHub Repos Lure Researchers with Infected Exploit Code

Attackers are hiding a Python-based RAT called ChocoPoC in dependency lists rather than exploit code, making malicious GitHub repositories harder to detect.

The Latest

Breaking News and Alerts

Attackers Hide Commands in Web Code to Hijack AI Browsing Agents

Attackers are hiding malicious instructions in invisible HTML and structured data to trick AI browsing agents into making fraudulent payments and trusting fake websites.

Spotlight

Cybersecurity Profiles and Stories

The IPO Window Opens: 9 Cybersecurity Startups Poised for Public Debuts

With Netskope and Rubrik proving the public markets are receptive, PitchBook identifies nine VC-backed cybersecurity startups most likely to follow with IPOs of their own.

Opera Debuts Paste Protect to Counter ClickFix Social Engineering Attacks

Opera's new Paste Protect feature blocks malicious clipboard commands before they can be pasted into terminals, countering the growing ClickFix social engineering attack trend.

ShinyHunters Extortion Attempt Hits Medtronic Customer Data

Medtronic is notifying customers after the ShinyHunters extortion group accessed corporate IT systems containing personal and health information.

Alleged Scattered Spider Member Extradited to US on Fraud Charges

A dual US and Estonian citizen has been extradited from Finland to face charges for his alleged role in the Scattered Spider hacking group, which is accused of extorting millions…

Features

Research and Thought Leadership