Fake WinRAR proof-of-concept exploit drops VenomRAT malware

A malicious actor is distributing a fake proof-of-concept (PoC) exploit for a patched WinRAR flaw on GitHub to download the VenomRAT malware. While the attack is no longer active, the risk of sourcing PoCs from GitHub without thorough scrutiny remains. This comes after 2022 events where thousands of false PoCs were found on GitHub carrying Cobalt Strike droppers and malware, among other threats.