Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing

Notorious malware crew TeamPCP appears to have open-sourced its Shai-Hulud worm.

Security outfit Ox on Tuesday spotted a pair of repos on GitHub, both of which contain the following text:

Shai-Hulud: Open Sourcing The Carnage Is it vibe coded? Yes. Does it work? Let results speak. Change keys and C2 as needed. Love - TeamPCP

The Register checked out the repos a few hours before publishing this story and at the time one listed a single fork, and the other mentioned 31. At the time of writing, those numbers have grown to five and 39.

For a further read, check out Ox’s article.