This post was originally published on Security Affairs. It can be found here.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Supply chain attack hits Gluestack NPM packages with 960K weekly downloads  

Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721  

Destructive npm Packages Disguised as Utilities Enable Remote System Wipe

AMOS Variant Distributed Via Clickfix In Spectrum-Themed Dynamic Delivery Campaign By Russian Speaking Hackers   

Demystifying Myth Stealer: A Rust Based InfoStealer 

DanaBleed: DanaBot C2 Server Memory Leak Bug  

Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability  

From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery 

JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique  

Fog Ransomware: Unusual Toolset Used in Recent Attack 

Operation Phantom Enigma

Graphite Caught First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted     

Empirical Quantification of Spurious Correlations in Malware Detection

Striking Back At Cobalt: Using Network Traffic Metadata To Detect Cobalt Strike Masquerading Command and Control Channels

A Survey on Reinforcement Learning-Driven Adversarial Sample Generation for PE Malware

Crypto-Ransomware Detection Through a Honeyfile-Based Approach with R-Locker

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

This post was originally published on this site