AI GitHub supply chain attacks 🤖, PyStoreRAT backdoor 🎯, developer targeting 💻

Daily Threat Intel Digest - 2025-12-14

🔴 Critical Threats & Active Exploitation

[NEW] AI-Driven GitHub Supply Chain Attack Delivers PyStoreRAT Backdoor

A sophisticated supply chain campaign is actively targeting researchers and developers by distributing a previously undocumented backdoor through convincing, AI-generated GitHub repositories [Source: Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack]. Morphisec Threat Labs reports that the attackers reactivate dormant GitHub accounts to add legitimacy to these malicious projects, which then deliver PyStoreRAT [Source: Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack]. The use of large language models to craft professional-looking code and documentation lowers the barrier for creating credible lures, putting any developer who clones or downloads from untrusted repositories at direct risk of remote compromise and persistent data theft. Security teams should advise development staff to scrutinize repository history, contributor activity, and code contents, especially from accounts that have been inactive for long periods.
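
One way to turn the "inactive for long periods" check into something a reviewer can run before cloning, as an added example that is not from Morphisec or the digest: it takes an account's activity timestamps (however your team collects them) and flags a long silence followed by a recent return. The thresholds, function names and sample timestamps are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Assumed thresholds (not from the digest); tune them to your own review policy.
DORMANCY = timedelta(days=365)   # silence long enough to call the account dormant
RECENT = timedelta(days=90)      # how recently activity must have resumed to matter

def parse_ts(text):
    """Parse an ISO 8601 timestamp (git's %aI output or an API-style trailing Z)."""
    dt = datetime.fromisoformat(text.strip().replace("Z", "+00:00"))
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def dormancy_report(timestamps, now):
    """Find the longest silence in an account's activity and flag a recent return."""
    events = sorted(parse_ts(t) for t in timestamps)
    if len(events) < 2:
        # No history to compare against; a reviewer should treat that as unknown.
        return {"longest_gap_days": 0, "resumed": None,
                "events_since": len(events), "flag": False}
    gap, resumed = max(((b - a, b) for a, b in zip(events, events[1:])),
                       key=lambda pair: pair[0])
    return {
        "longest_gap_days": gap.days,
        "resumed": resumed.date().isoformat(),
        "events_since": sum(1 for e in events if e >= resumed),
        "flag": gap >= DORMANCY and now - resumed <= RECENT,
    }

# Constructed sample data: activity timestamps for two hypothetical accounts.
NOW = parse_ts("2025-12-14T00:00:00Z")
REACTIVATED = ["2019-03-02T09:00:00Z", "2019-06-20T09:00:00Z", "2025-11-20T09:00:00Z",
               "2025-11-22T14:30:00+01:00", "2025-12-01T09:00:00Z", "2019-05-11T09:00:00Z"]
STEADY = [f"2025-{month:02d}-05T12:00:00Z" for month in range(1, 13)]

if __name__ == "__main__":
    for name, sample in (("reactivated", REACTIVATED), ("steady", STEADY)):
        print(name, dormancy_report(sample, NOW))
```

A flag here is a prompt for closer manual review of the repository's contents and contributors, not a verdict; legitimate maintainers also return after long breaks.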