PyStoreRAT: A New AI-Driven Supply Chain Malware Campaign Targeting IT & OSINT Professionals
ID: f03064ac-11f2-58df-84e3-c3131d9c0bd8
STIX ID: report--f03064ac-11f2-58df-84e3-c3131d9c0bd8
Feed Name: Morphisec Blog
Morphisec Threat Labs describes a coordinated GitHub-based malware campaign, dubbed PyStoreRAT, in which dormant accounts published polished, AI-generated projects to gain trust and then introduced maintenance commits that deployed a JavaScript/HTA backdoor. PyStoreRAT is a modular, stealthy loader that performs system profiling, adapts execution to evade specific AV products, spreads via removable drives, fetches additional modules from rotating C2 nodes, and delivers payloads including the Rhadamanthys stealer. The report also outlines implications for developer ecosystems and defensive controls.
