ChocoPoC: The Exploit You Cloned Is the Attack
ChocoPoC hides a remote access trojan inside trojanized CVE proof-of-concept repositories on GitHub, using a malicious PyPI dependency chain to compromise the researchers who clone them.
Gitea 1.26.3 and 1.26.4 addressed a dense security release window, including a 9.8 CRITICAL auth bypass exploitable with a single HTTP header. Here's what broke and how to fix it.
A June 2026 password spray from LSHIY LLC's IPv6 range compromised 78 Microsoft accounts across 64 organizations by abusing Azure CLI ROPC sign-ins that MFA policies did not cover.
A 0DIN proof of concept against Claude Code demonstrates how a clean-looking repository can lead to runtime command execution. The structural risk behind the attack applies to any AI coding agent with shell access.
A single 16x16 icon file can expose hundreds of servers, bypass WAF protections, and map your entire attack surface — here's how attackers use favicon hashing with Shodan, and how defenders can stop it.
Google's new Pixel feature listens to your day and remembers it. The company says everything stays on your device. But what if it doesn't — and does it matter either way?
CVE-2026-46331 and CVE-2026-43503 both corrupt the Linux page cache via network subsystems to grant root — bypassing file integrity tools like AIDE and Tripwire without touching files on disk.