SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 25

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

[Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion](https://www.trendmicro.com/en_us/research/24/l/darkgate-malware.html)

[Spyware distributed through Amazon Appstore](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/)

[BADBOX Botnet Is Back](https://www.bitsight.com/blog/badbox-botnet-back)

[Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware](https://socket.dev/blog/rspack-supply-chain-attack)

[4.5 Million (Suspected) Fake Stars in GitHub: A Growing Spiral of Popularity Contests, Scams, and Malware](https://arxiv.org/pdf/2412.13459)

[Attention-Based Malware Detection Model by Visualizing Latent Features Through Dynamic Residual Kernel Network](https://www.mdpi.com/1424-8220/24/24/7953)

[A Lightweight Malware Detection Model Based on Knowledge Distillation](https://www.mdpi.com/2227-7390/12/24/4009)

[Careto is back: what’s new after 10 years of silence?](https://securelist.com/careto-is-back/114942/)

[‘A Digital Prison’: Surveillance and the suppression of civil society in Serbia](https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/)

[Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals](https://blog.xlab.qianxin.com/glutton_stealthily_targets_mainstream_php_frameworks-en/)

[Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs](https://www.proofpoint.com/us/blog/threat-insight/hidden-plain-sight-ta397s-new-attack-chain-delivers-espionage-rats)

[Analyzing FLUX#CONSOLE: Using Tax-Themed Lures, Threat Actors Exploit Windows Management Console to Deliver Backdoor Payloads](https://www.securonix.com/blog/analyzing-fluxconsole-using-tax-themed-lures-threat-actors-exploit-windows-management-console-to-deliver-backdoor-payloads/)

[Cyberattack UAC-0125 using the theme ‘Army+’ (CERT-UA#12559)](https://cert.gov.ua/article/6281701)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([**SecurityAffairs**](http://securityaffairs.co/wordpress/) – hacking, malware)


Blog: Security Affairs
