Elastic Security Labs identified a new malware family called DOUBLELOADER, which uses the ALCATRAZ obfuscator for evasion and pairs with the RHADAMANTHYS infostealer. DOUBLELOADER employs multiple obfuscation techniques such as LEA obfuscation.

Researchers found unused code and dynamic payload loading, hinting at the malware being under active development, indicating future updates may address any issues with contemporary versions.

Elastic Security Labs has discovered a significant development in the GHOSTPULSE malware family, which now hides its payload within the pixel structure of PNG files to evade detection.

A new Windows backdoor named BITSLOTH has been discovered by cybersecurity researchers. This malware exploits the Background Intelligent Transfer Service (BITS) for stealthy communication, making it difficult to detect.

Researchers have observed a surge in email phishing campaigns delivering Latrodectus, a new malware loader believed to be the successor to the IcedID malware, which is capable of deploying additional payloads such as QakBot, DarkGate, and PikaBot.