Malicious activity is on the rise, with thirty-six rogue npm Strapi packages exploiting Redis vulnerabilities to gain remote code execution, steal database information, and establish persistent command and control channels. Additionally, malicious LNK files are being used to distribute a Python-based backdoor, attributed to the Kimsuky Group, which has adapted its distribution techniques. Hackers are also targeting ComfyUI servers to create a cryptomining proxy botnet. The Pawn Storm campaign has been deploying PRISMEX, focusing on government and critical infrastructure entities. These developments highlight the evolving threat landscape, with attackers continually seeking new ways to exploit vulnerabilities and gain unauthorized access [1]. This matters to security practitioners because staying informed about the latest threats and techniques is crucial for maintaining effective defenses against them.
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92
⚠️ Critical Alert
Why This Matters
Security developments continue reshaping the threat landscape — staying informed is the first line of defense.
References
- SecurityAffairs. (2026, April 12). SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92. SecurityAffairs. https://securityaffairs.com/190672/malware/security-affairs-malware-newsletter-round-92.html