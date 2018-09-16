It's common practice for researchers to publish a PoC [Proof-of-Concept] of recently patched flaws on code repositories, such as GitHub. That way, they can test different solutions among themselves and force admins to apply the fixes as soon as possible.

When Microsoft patched two remote code execution vulnerabilities, tracked as CVE-2022-24500 and CVE-2022-26809, a few PoCs popped up on GitHub, one of them coming from an account named "rkxxz".

However, the PoC turned out to be bogus, and what it did instead was install Cobalt Strike beacons on the researchers' endpoints. [...]