VERY IMPORTANT

A new malware campaign has been discovered, distributing the Webrat Trojan via GitHub repositories. The attackers are disguising the malware as exploits for high-profile vulnerabilities, targeting inexperienced security professionals and students. The repositories contain detailed, AI-generated vulnerability information to build trust. The malicious files perform actions such as privilege escalation, disabling Windows Defender, and fetching the Webrat backdoor. Webrat can steal data from various applications, perform spyware functions, and allow remote control of infected systems. This campaign represents a shift in tactics for the Webrat operators, moving from targeting gamers and users of pirated software to specifically targeting the cybersecurity community.