Malware

Ars Technica reports that malicious payloads have been deployed by a malware-as-a-service operator through the exploitation of public GitHub accounts as part of an attack campaign.

The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection was noted to be reevaluating the Stuxnet malware attack that paralyzed Iran's nuclear program in 2010 as part of a hearing next week that seeks to better understand cybersecurity threats faced by operational technology and critical infrastructure, reports CyberScoop.

Hackread reports that more than a million Android-based Internet of Things devices around the world have been infected with the BADBOX 2.0 botnet through bogus apps, nefarious downloads, or factory installation.

Hong Kong's financial sector has been targeted with the stealthy SquidLoader malware as part of an attack campaign looking to achieve Cobalt Strike beacon compromise, reports Infosecurity Magazine.

Matanbuchus 3.0 adds greater stealth and execution capabilities, and could lead to ransomware.

Additional obfuscation techniques have been integrated into the new iteration of the Android app-spoofing Konfety malware, which facilitates unauthorized app downloads, malicious site visits, and bogus browser notifications, reports BleepingComputer.

CyberScoop reports that open-source remote access trojan AsyncRAT, which touts credential theft, screen capturing, and keylogging capabilities, has been observed to have over 30 different variants and forks since its release in 2019.

Southeast Asia targeted by new state-sponsored HazyBeacon malware Attacks with the novel HazyBeacon Windows backdoor have been launched by state-sponsored threat cluster CL-STA-1020 against government agencies across Southeast Asia as the region has been increasingly targeted in cyberespionage operations, according to The Hacker News.