WebRAT Malware Spread via Fake Vulnerability Exploits on GitHub

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities.

Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits

Attackers are targeting budding security professionals and aspiring hackers with malware by offering PoC exploits for known vulnerabilities.

From cheats to exploits: Webrat spreading via GitHub

2025年初发现的新恶意软件家族Webrat最初伪装成游戏外挂或破解软件攻击普通用户。9月起扩展目标至信息安全领域学生及不专业研究人员。通过GitHub伪装成高危漏洞利用工具传播，提升权限禁用Windows Defender并下载后门程序窃取信息及进行间谍活动。提醒分析此类文件需谨慎并使用隔离环境。

Webrat, disguised as exploits, is spreading via GitHub repositories

In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided to widen their net: alongside gamers and users of pirated software, they are now targeting inexperienced professionals and students in the information security field. Distribu…