Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT .

"These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing it via 'mshta.exe,'" Morphisec researcher Yonatan Edri said in a report shared with The Hacker News.

PyStoreRAT has been described as a "modular, multi-stage" implant that can execute EXE, DLL, PowerShell, MSI, Python, JavaScript, and HTA modules. The malware also deploys an information stealer known as Rhadamanthys as a follow-on payload.

Attack chains involve distributing the malware throu

See Full Page

130

Interests (0)

Settings

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Iran arrests Nobel Peace Prize laureate Narges Mohammadi, supporters say

Tourist stabbed while changing baby in Macy’s

Elon Musk issues dark prediction about Steve Bannon as explosive new Epstein photos drop

Taylor Swift opens up about UK stabbing attack in new docuseries

Leaked emails show Trump campaign sent bizarre messages to Epstein account

'Threat from above': Prisons face escalating threat from drones

'Huuuuge': Erin Burnett in disbelief reading text of Trump-themed item in Epstein photos

‘She was begging for help’: Inmate details neglect in Charleston County jail homicide

How Oklahoma pastor spent $3.15M of 'embezzled' BLM OKC money

Trump eyes another high-profile takeover plan in the nation’s capital

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

2025: The year the world gave up on America

Gorilla Dancing in a Forest Wins Comedy Wildlife Photo Awards 2025

Dad Who Died Saving Son Had Heart Attack and Drowned, Wife Says

Iran arrests Nobel Peace Prize laureate Narges Mohammadi, supporters say

Skydiver dangles at 15,000 feet after parachute catches on plane's tail in Australia

Open AI, Microsoft face lawsuit over ChatGPT's alleged role in Connecticut murder

Judge orders immediate release of Kilmar Abrego Garcia from immigration detention

US seizes tanker off coast of Venezuela, Trump says

How Social Security beneficiaries' tax bills may change this year

USPS Announces Holiday Delivery Dates

Interests (0)

Settings

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Iran arrests Nobel Peace Prize laureate Narges Mohammadi, supporters say

Tourist stabbed while changing baby in Macy’s

Elon Musk issues dark prediction about Steve Bannon as explosive new Epstein photos drop

Taylor Swift opens up about UK stabbing attack in new docuseries

Leaked emails show Trump campaign sent bizarre messages to Epstein account

'Threat from above': Prisons face escalating threat from drones

'Huuuuge': Erin Burnett in disbelief reading text of Trump-themed item in Epstein photos​

‘She was begging for help’: Inmate details neglect in Charleston County jail homicide

How Oklahoma pastor spent $3.15M of 'embezzled' BLM OKC money

Trump eyes another high-profile takeover plan in the nation’s capital

'Huuuuge': Erin Burnett in disbelief reading text of Trump-themed item in Epstein photos