SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Morpheus: A new Spyware linked to IPS Intelligence

The iPhone — invincible no more: a look at DarkSword and Coruna  

Lotus Wiper: a new threat targeting the energy and utilities sector 

New NGate variant hides in a trojanized NFC payment app  

CVE-2025-29635: Mirai Campaign Targets D-Link Devices  

Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics  

FIRESTARTER Backdoor  

Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware  

Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor

GopherWhisper: A burrow full of malware

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained  

Is Shai-Hulud Back? Compromised Bitwarden CLI Contains a Self-Propagating npm Worm  

Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft

Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite     

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener 

PINN-LSTM: A High-Precision Physics-Informed Neural Network for Solving Malware Propagation Dynamics in Wireless Sensor Networks

Wavelet-Based and MAML-Driven Framework for Enhanced Few-Shot Malware Classification

Adversarial Evasion in Non-Stationary Malware Detection: Minimizing Drift Signals through Similarity-Constrained Perturbations

Towards Certified Malware Detection: Provable Guarantees Against Evasion Attacks

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)