Security experts targeted with malicious CVE PoC exploits on GitHub


Soufian El Yadmani, Robin The, and Olga Gadyatskaya, a team of researchers at the Leiden Institute of Advanced Computer Science, have found hundreds of GitHub repositories that provide bogus proof-of-concept (PoC) exploits for various vulnerabilities.

Since some of these repositories were utilised by threat actors to disseminate malware in 2017�2021, the experts examined PoCs posted on GitHub for known vulnerabilities. The experts emphasised that there is no assurance that any given Proof of Concept (PoC) originates from a reliable source from public code repositories. Read More…