SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

[BlackSuit Ransomware](https://thedfirreport.com/2024/08/26/blacksuit-ransomware/)

[Dissecting the Cicada](https://www.truesec.com/hub/blog/dissecting-the-cicada)

[Year-Long Campaign of Malicious npm Packages Targeting Roblox Users](https://checkmarx.com/blog/year-long-campaign-of-malicious-npm-packages-targeting-roblox-users/)

[Rocinante: The trojan horse that wanted to fly](https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante)

[Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads](https://blog.talosintelligence.com/threat-actors-using-macropack/)

[Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion](https://www.trendmicro.com/en_us/research/24/i/earth-lusca-ktlvdoor.html)

[FBI: Play ransomware gang has attacked 300 orgs since 2022](https://therecord.media/play-ransomware-targets-hundreds)

[New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/)

[RAMBO: Leaking Secrets from Air-Gap Computers by Spelling Covert Radio Signals from Computer RAM](https://arxiv.org/pdf/2409.02292)

[Going beyond API Calls in Dynamic Malware Analysis: A Novel Dataset](https://www.mdpi.com/2079-9292/13/17/3553)

[Unveiling a Target and Multi-Stage Malware Attack](https://seguranca-informatica.pt/unveiling-a-target-and-multi-stage-malware-attack/)

[Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant](https://unit42.paloaltonetworks.com/global-protect-vpn-spoof-distributes-wikiloader/)

[BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar](https://www.zscaler.com/blogs/security-research/blindeagle-targets-colombian-insurance-sector-blotchyquasar)

[Chinese APT Abuses VSCode to Target Government in Asia](https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/)

[Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401](https://www.fortinet.com/blog/threat-research/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([**SecurityAffairs**](http://securityaffairs.co/wordpress/) – hacking, newsletter)

Related Tags:
ControlX

CHROMIUM

Charcoal Typhoon

CVE-2024-36401

NAICS: 921 – Executive, Legislative, and Other General Government Support

NAICS: 52 – Finance And Insurance

NAICS: 518 – Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

NAICS: 92 – Public Administration

NAICS: 339 – Miscellaneous Manufacturing
