Hackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys

A year-long cyber campaign, MUT-1244, targeted cybersecurity professionals, stealing over 390,000 WordPress credentials and other sensitive data. The campaign used trojanized GitHub repositories and phishing emails, disguising malware as legitimate proof-of-concept codes and software updates. This highlights the evolving tactics of cybercriminals and the importance of vigilance, especially for those in the cybersecurity field.