Security Affairs Malware Newsletter – Round 5

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Unplugging PlugX: Sinkholing the PlugX USB worm botnet  
Introducing Gh0stGambit: A Dropper for Deploying Gh0st RAT  
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
A Survey of Malware Detection Using Deep Learning
ThreatLabz 2024 Ransomware Report  
Phishing targeting Polish SMBs continues via ModiLoader  
BingoMod: The new android RAT that steals money and wipes data  
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps   
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor
Increased Activity Against Apache OFBiz CVE-2024-32113
UNC4393 Goes Gently into the SILENTNIGHT  
STARGAZERS GHOST NETWORK
Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity via Spearphishing Website  
SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining
StackExchange Abused to Spread Malicious Python Package That Drains Victims Crypto Wallets  
Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Fighting Ursa Luring Targets With Car for Sale

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)