Researchers have discovered bogus Proof-of-Concept (PoC) exploits that appear to have been created by threat actors in an effort to distribute malware to the cybersecurity community. On May 19, researchers found that GitHub was hosting malicious software masquerading as Proof-of-Concept exploits for a pair of Windows vulnerabilities that Microsoft patched in April 2022.
The bogus proof-of-concept exploits, which have since been deleted from GitHub, were distributed as executable files that, when run, may allow access to the system. The PoCs allegedly targeted CVE-2022-24500 and CVE-2022-26809, both of which can be exploited to execute code remotely on Windows systems.
While there is no evidence that the vulnerabilities have been used in attacks, a number of cybersecurity firms have warned that they constitute a significant threat; for example, CVE-2022-26809 is suspected to be wormable.