Inteligencia-De-Amenazas

North Korean threat actors responsible for the “Contagious Interview” campaign have flooded the npm registry with 197 additional malicious packages since last month. According to a Socket analysis, these packages have accumulated more than 31,000 downloads and are designed to distribute a variant of OtterCookie that combines features from BeaverTail and previous versions of OtterCookie. Infection Mechanism and Malware Capabilities The malware, once executed, performs various evasion actions, profiles the compromised machine and establishes a command and control (C2) channel. This channel provides attackers with remote shell and data theft capabilities, including: ...

Threat actors linked to the RomCom group have been observed using the SocGholish JavaScript loader to deliver the Mythic Agent to a US-based civil engineering company. This event marks the first time that a RomCom payload distributed through SocGholish has been detected. The attack has been attributed with medium-high confidence to Unit 29155 of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). The targeted entity is a company that had previously worked for a city with close ties to Ukraine. ...