SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 19

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging  

Typosquat Campaign Targeting npm Developers

ToxicPanda: a new banking trojan from Asia hit Europe and LATAM      

Threat Campaign Spreads Winos4.0 Through Game Application  

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency  

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits  

Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT  

Mozi Resurfaces as Androxgh0st Botnet: Unraveling The Latest Exploitation Wave 

Roblox Developers Targeted with npm Packages Infected with Skuld Infostealer and Blank Grabber

Malicious Python Package Typosquats Popular ‘fabric’ SSH Library, Exfiltrates AWS Credentials  

Design and Evaluation of Steganographic Channels in Fifth-Generation New Radio

LLMs for Domain Generation Algorithm Detection

VEEAM exploit seen used again with a new ransomware: “Frag”       

BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)