Threat Research | Weekly Recap [01 Mar 2026]

This week's Cybersecurity Threat Research recap highlights burgeoning risks from agentic AI in SOCs, OpenClaw backdoors, and AI‑augmented malware experiments, and spans supply‑chain abuse, developer‑targeting campaigns, phishing, and OT/edge security implications. It catalogs notable actors and families (OpenClaw, SURXRAT, Moonrise, Winos 4.0, Lazarus/Medusa, APT36, APT37, GRIDTIDE, UNC2814, MuddyWater) and techniques from StegaBin steganography to Go module backdoors and AI‑assisted detection engineering.

#OpenClaw #AMOS #SURXRAT #Moonrise #Winos4.0 #Lazarus #Medusa #APT36 #APT37 #GRIDTIDE #MuddyWater #StegaBin #XWorm #DcRAT

AI, agentic assistants & LLM‑related risks

  • Agentic AI moves to SOC production in 2026, automating triage, correlated attack discovery and auditable response while detecting LOLBins like certutil.exe. Why 2026 is the Year to Upgrade
  • OpenClaw exposures: internet‑exposed Gateways, reverse‑proxy auth bypasses, trojanized VS Code extensions and malicious skills increase high‑privilege attack surface. OpenClaw in the wild
  • Access to an executive’s OpenClaw instance was marketed as a turnkey backdoor (conversations, tokens and company DBs), highlighting marketplaces for AI assistant compromise. OpenClaw backdoor sale (Cato CTRL)
  • Malicious OpenClaw skills distributed a new AMOS macOS stealer via fake CLI installers, harvesting keychains, wallets and browser data. OpenClaw skills → AMOS
  • SURXRAT Android RAT now conditionally downloads a >23GB LLM module from Hugging Face, a signal of AI‑augmented malware experiments. SURXRAT LLM downloads
  • Critical RCE and API‑key exfiltration flaws in Anthropic’s Claude Code (patched) allowed repo‑controlled configs to execute code and steal keys. Claude Code RCE & API exfil
  • Elastic’s ES|QL COMPLETION embeds LLM inference into queries to enable AI‑augmented detection engineering inline. ES|QL COMPLETION

Supply‑chain & developer‑targeting abuse

  • Coordinated typosquatting npm campaign (StegaBin) used Pastebin character‑level steganography to hide Vercel C2 and deliver a RAT + nine‑module infostealer linked to DPRK‑aligned actors. StegaBin npm campaign
  • Malicious Go module impersonating golang.org/x/crypto inserted a ReadPassword backdoor, staged via curl|sh and delivered Rekoobe Linux backdoors. Malicious Go “crypto” module
  • Typosquatted NuGet StripeApi.Net injected code to capture API tokens and exfiltrate to a Supabase backend; package removed by admins. StripeApi.Net NuGet trojan
  • Four coordinated malicious NuGet packages (NCryptYo, DOMOAuth2_, IRAOAuth2.0, SimpleWriter_) used JIT hooks, obfuscation and localhost proxies to exfiltrate ASP.NET Identity data. NuGet supply‑chain cluster
  • Developer‑targeting campaign seeded malicious Next.js repos and VS Code automations that fetch runtime JS via Vercel staging endpoints to exfiltrate environment/backends. Next.js developer‑targeting repos

Phishing, AiTM and identity theft

  • PWA phishing impersonating Google Account security used service workers to harvest contacts, OTPs and proxy traffic; delivered Android APK com.device.sync with keylogger and device‑admin persistence. Fake Google security → browser RAT
  • The 1Phish kit evolved into an MFA‑aware, REST API phishing platform capturing emails, secret keys, OTPs and recovery codes with fingerprinting and bot scoring. 1Phish technical deep dive
  • ShinyHunters scaled SaaS access theft via branded subdomain impersonation plus phone‑guided AiTM phishing and outsourced spam/voice operators to hijack SSO sessions. ShinyHunters subdomain impersonation
  • Digital invitation phishing abused branded invite services to harvest credentials via disposable domains and redirect flows. Punchbowl phishing explained
  • Bitpanda‑themed phishing replicated service pages to harvest credentials and extensive PII via multi‑step “verification” flows. Bitpanda PII phishing
  • Actors abuse the .arpa TLD and delegated IPv6 reverse DNS to host phishing content that bypasses reputation controls via A records and short‑lived links. Abusing .arpa for phishing

Malware, ransomware & mobile threats

  • Moonrise is a low‑detection Go RAT using WebSocket C2 and interactive control—detectable primarily via behavior analysis and fast SOC workflows. Moonrise RAT
  • Massive Taiwan campaigns delivered Winos 4.0 (ValleyRat) via weaponized attachments, DLL sideloading and BYOVD driver abuse; activity linked to a Silver Fox subgroup. Winos 4.0 campaigns
  • Internet‑facing Apache ActiveMQ RCE (CVE‑2023‑46604) enabled Meterpreter stagers, LSASS dumps and a follow‑on LockBit ransomware deployment via RDP/AnyDesk. ActiveMQ exploit → LockBit
  • AttackIQ published a BlackByte ransomware emulation (scheduled tasks, disabling AV/firewall, shadow copy deletion, AES/RSA encryption) for defensive validation. BlackByte emulation
  • MarsSnake (LuciDoor) backdoor decrypts runtime configs, collects system metadata and performs a validated HTTP POST handshake to C2. MarsSnake (LuciDoor) backdoor
  • The SURXRAT Android RAT and MaaS ecosystem continue to evolve (access, locking) alongside large LLM module experiments, combining monetization with capability expansion. SURXRAT LLM downloads

State‑aligned APT & espionage campaigns

  • Andariel (Lazarus umbrella) blends strategic espionage and revenue ops using exploitation, spear‑phishing, living‑off‑the‑land and ransomware/crypto theft tooling. Andariel dark‑web profile
  • North Korean Lazarus actors also deployed Medusa ransomware against U.S. healthcare and other targets, continuing extortion and leak‑site activity. Lazarus & Medusa
  • APT36 (Transparent Tribe) ran a multi‑vector campaign using engineered ZIPs, deceptive shortcuts and macro add‑ins to deliver RATs with raw TCP C2. APT36 multi‑vector campaign
  • APT37 Ruby Jumper campaign adds tools (RESTLEAF, SNAKEDROPPER, etc.), abuses Zoho WorkDrive and removable media to bridge air‑gapped networks. APT37 Ruby Jumper
  • UNC2814’s novel GRIDTIDE backdoor abused the Google Sheets API as covert C2; a disruption by GTIG/Mandiant terminated attacker projects, and IOCs were published. Disrupting GRIDTIDE (UNC2814)
  • Longitudinal review of MuddyWater highlights long dwell, spear‑phishing and legit RMM misuse as cornerstones of Middle East espionage operations. MuddyWater chronology

Infrastructure abuse & delivery techniques

  • Threat actors abuse Windows File Explorer + WebDAV, using .url/.lnk shortcuts, UNC paths and short‑lived Cloudflare Tunnel demo domains to deliver RATs like XWorm and DcRAT. WebDAV & File Explorer abuse
  • Pastebin steganography, Vercel staging endpoints, dangling CNAMEs and TDS redirects are being combined to rotate short‑lived phishing/C2 links and evade reputation filtering (see StegaBin/Next.js entries). Steganography & hosting abuse

Detection engineering, tooling & intel improvements

  • Manage Elastic Security stacks as code with the Terraform provider—detection rules, exceptions, ML jobs and AI connectors in HCL for versioned, auditable deployments. Elastic Stack Terraform provider
  • Guidance on ingesting and exploring network firewall logs in Elastic to pair network telemetry with endpoint data and prepare automated detections. Make the most of firewall logs
  • Validin’s MISP expansion and YARA enhancements (IPv4 scanning) improve enrichment and discovery of exposed assets, including Telegram bot tokens and bot servers. Validin MISP & YARA improvements

OT & edge security

  • Joint research shows ~70% of OT‑impacting attacks originate in IT, with average dwell of ~185 days, and advocates shifting detection to the IT–OT edge to catch precursors earlier. Turning time into advantage in OT security

Threat Research | Weekly Recap – hendryadrian.com