THE "Security Affairs Malware Newsletter Round 104," authored by Pierluigi Paganini on July 5, 2026, compiles significant articles and research focused on current malware threats. Key topics include:
1. "Hijacked npm Packages" that deploy credential stealers via VSCode autorun.
2. Development of a CI/CD pipeline for Sigma rules.
3. The evolution of threat actors in ad fraud and credential theft examined in "Inside StegoAd."
4. Analysis of "RustDuck," a two-stage botnet.
5. Ongoing attacks by "Mustang Panda" targeting Indian government sectors.
6. Attribute shifts in cryptominer activities from Langflow to Monero.
7. Ransomware strategies using browser-only attacks.
8. Detecting AI-generated PowerShell malware.
9. Examination of Trojanized exploits targeting vulnerability researchers.
10. Updates on North Korea-linked supply chain campaigns.
Overall, the newsletter provides a comprehensive overview of malware developments and trends.