The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.
Malware Newsletter
Building a CI/CD pipeline for Sigma rules
Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale
A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain
Chromium extension uses AI‑related branding to redirect browser search
Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON
RustDuck: An In-Depth Analysis of a Two-Stage Botnet
From Langflow to Monero: Inside CVE-2026-33017 Cryptominer
The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign
Analysis of Ongoing Ousaban Attacks Targeting the Iberian Peninsula
Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique
Popa: From Sourcing to Distribution
From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks
ToddyCat: your hidden email assistant. Part 2
PamStealer: a Rust-based macOS infostealer that validates credentials through PAM
JADEPUFFER: Agentic ransomware for automated database extortion
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
Lazarus-Linked npm Malware Masquerades as Rollup Polyfills
Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware
AI-Generated PowerShell Malware: An Experimental Framework and Dataset
Addressing Data Scarcity in Malware Classification via Pixel-Level Synthetic Image Generation
