SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection

Ransomware on ESXi: The mechanization of virtualized attacks

FunkSec – Alleged Top Ransomware Group Powered by AI

Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C

Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit

Backdooring Your Backdoors – Another $20 Domain, More Governments

Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Detecting Malware C&C Communication Traffic Using Artificial Intelligence Techniques

MalHAPGNN: An Enhanced Call Graph-Based Malware Detection Framework Using Hierarchical Attention Pooling Graph Neural Network

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)