"Fake Zero-Day PoC Exploits on GitHub Push Windows, Linux Malware"

Hackers are posing as cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept (PoC) exploits for zero-day vulnerabilities; the fake exploits infect Windows and Linux systems with malware. The alleged researchers advertise these malicious exploits through a fake cybersecurity company called "High Sierra Cyber Security," which promotes the GitHub repositories on Twitter, likely targeting cybersecurity researchers and companies engaged in vulnerability research. The repositories seem legitimate, as the users who maintain them even use headshots to impersonate real security researchers from Rapid7 and other security companies. The same personas maintain Twitter accounts to lend credibility to their research and to their code repositories on GitHub, as well as to attract victims from the social media platform. According to VulnCheck, this campaign has been active since at least May 2023, promoting exploits for zero-day vulnerabilities in software such as Chrome, Discord, Signal, WhatsApp, and Microsoft Exchange. This article continues to discuss the impersonation of cybersecurity researchers to publish fake PoC exploits that push Windows and Linux malware.

Bleeping Computer reports "Fake Zero-Day PoC Exploits on GitHub Push Windows, Linux Malware"
