https://techmonitor.ai/technology/cybersecurity/bogus-zero-day-exploits-laced-with-malware-to-scam-researchers

Hackers have been impersonating security researchers to advertise bogus zero day exploits laced with malware and dupe real researchers into downloading malicious code targeting Linux and Windows from GitHub. The criminals pretend to represent a fake security companies to promote their repositories on Twitter.

The campaign began in early May, advertising fake vulnerabilities in Google's Chrome, chat app Discord and Microsoft Exchange email servers, according to researchers at security company VulnCheck. Zero day exploits are previously unknown vulnerabilities in software, which can prove particularly dangerous in the wrong hands and as such are of great interest to security analysts.