The Security Affairs Malware newsletter collects the best articles and research on malware from the international landscape.
Ransomware Gangs Collapse as Qilin Seizes Control
Dissecting a Python Ransomware distributed through GitHub repositories
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
Uncovering a Tor-Enabled Docker Exploit
Threat Actors Modify and Re-Create Commercial Software to Steal Users’ Information
Resurgence of the Prometei Botnet
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations
Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
SadFuture: Mapping XDSpy latest evolution
FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
UAC-0001 (APT28) Cyber Attacks on Government Agencies Using BEARDSHELL and COVENANT
DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery
Cryptominers’ Anatomy: Shutting Down Mining Botnets
Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
Analysis of the latest attack activities of APT-C-06 (DarkHotel) using BYOVD technology
Taiwan Strait hotspot bait! Wangci organization combines 0day and ClickOnce technology to carry out espionage activities
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
Enhancing Malware Detection via RGB Assembly Visualization and Hybrid Deep Learning Models
Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis via Intermediate Representation and Language Model
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)