Security Affairs Malware Newsletter – Round 5

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

- [Unplugging PlugX: Sinkholing the PlugX USB worm botnet](https://blog.sekoia.io/unplugging-plugx-sinkholing-the-plugx-usb-worm-botnet/)
- [Introducing Gh0stGambit: A Dropper for Deploying Gh0st RAT](https://www.esentire.com/blog/a-dropper-for-deploying-gh0st-rat)
- [Mandrake spyware sneaks onto Google Play again, flying under the radar for two years](https://securelist.com/mandrake-apps-return-to-google-play/113147/)
- [A Survey of Malware Detection Using Deep Learning](https://arxiv.org/pdf/2407.19153)
- [ThreatLabz 2024_Ransomware Report](https://www.zscaler.com/resources/industry-reports/threatlabz-ransomware-report.pdf)
- [Phishing targeting Polish SMBs continues via ModiLoader](https://www.welivesecurity.com/en/eset-research/phishing-targeting-polish-smbs-continues-modiloader/)
- [BingoMod: The new android RAT that steals money and wipes data](https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data)
- [Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps](https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/)
- [BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor](https://www.elastic.co/security-labs/bits-and-bytes-analyzing-bitsloth)
- [Increased Activity Against Apache OFBiz CVE-2024-32113](https://isc.sans.edu/forums/diary/Increased+Activity+Against+Apache+OFBiz+CVE202432113/31132/)
- [UNC4393 Goes Gently into the SILENTNIGHT](https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight/)
- [STARGAZERS GHOST NETWORK](https://research.checkpoint.com/2024/stargazers-ghost-network/)
- [Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity via Spearphishing Website](https://www.crowdstrike.com/blog/malicious-inauthentic-falcon-crash-reporter-installer-spearphishing/)
- [SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining](https://www.wiz.io/blog/seleniumgreed-cryptomining-exploit-attack-flow-remediation-steps)
- [StackExchange Abused to Spread Malicious Python Package That Drains Victims Crypto Wallets](https://checkmarx.com/blog/stackexchange-abused-to-spread-malicious-python-package-that-drains-victims-crypto-wallets/)
- [Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft](https://www.trendmicro.com/en_us/research/24/h/malvertising-campaign-fake-ai-editor-website-credential-theft.html)
- [Threat Actor Abuses Cloudflare Tunnels to Deliver RATs](https://www.proofpoint.com/us/blog/threat-insight/threat-actor-abuses-cloudflare-tunnels-deliver-rats)
- [Fighting Ursa Luring Targets With Car for Sale](https://unit42.paloaltonetworks.com/fighting-ursa-car-for-sale-phishing-lure/)

Follow me on LinkedIn and subscribe to the Newsletter to receive it for free every week.

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**
