July 13, 2023 By Bill Toulas
Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware.
Uptycs analysts discovered the malicious PoC during their routine scans when detection systems flagged irregularities such as unexpected network connections, unauthorized system access attempts, and atypical data transfers.
Three repositories were found hosting the malicious fake PoC exploit, with two removed from GitHub and the remaining one still live.