SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 42

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malicious NPM Packages Targeting PayPal Users

New Malware Variant Identified: ResolverRAT Enters the Maze      

Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?  

BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets  

Gorilla, a newly discovered Android malware

Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia 

Unmasking the new XorDDoS controller and infrastructure      

Byte Bandits: How Fake PDF Converters Are Stealing More Than Just Your Documents

Renewed APT29 Phishing Campaign Against European Diplomats  

Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks  

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware 

Threat actors misuse Node.js to deliver malware and other malicious payloads

Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1

Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak | P2       

Around the World in 90 Days: State-Sponsored Actors Try ClickFix

Large Language Model (LLM) for Software Security: Code Analysis, Malware Analysis, Reverse Engineering

Malware analysis assisted by AI with R2AI

A Machine Learning-Based Ransomware Detection Method for Attackers’ Neutralization Techniques Using Format-Preserving Encryption

AOAFS: A Malware Detection System Using an Improved Arithmetic Optimization Algorithm

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)