Fake GitHub OSINT Tools Spread PyStoreRAT Malware
4 Articles
HackRead: New PyStoreRAT Malware Targets OSINT Researchers Through GitHub | ResearchBuzz: Firehose
HackRead: New PyStoreRAT Malware Targets OSINT Researchers Through GitHub. “These convincing projects/repositories were so well-made that several quickly climbed high on GitHub’s trending lists. Only after gaining this traction and trust did the criminals introduce subtle code updates, disguised as simple ‘maintenance,’ to plant the PyStoreRAT backdoor.”
Fake GitHub OSINT Tools Spread PyStoreRAT Malware
Attackers are using GitHub as part of a campaign to spread a novel JavaScript-based RAT called PyStoreRAT, masquerading as widely used OSINT, GPT, and security utilities targeting developers and analysts. The malware campaign leverages small pieces of Python or JavaScript loader code hosted on fake GitHub repositories, which silently fetch and execute remote HTML Application (HTA) files via mshta.exe, initiating a multi-stage infection chain. P…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing

