SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Novel Java-Based QuimaRAT Targets Windows, macOS, and Linux  

Vibe Coded Extortion: Avalon’s Path from Legal Lure to CrownX Ransom Capabilities

Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign  

RedWing: A Mobile Malware-as-a-Service Operation  

Cavern Manticore: Exposing Iran-Linked Modular C2 Framework  

ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit  

Fake Installers, Fake Reviews, Fake Services – Real Proxies, Real Victims  

GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses

The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security 

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware

Malicious Go Module Exposes GitHub Malware Lure Network Spanning 222 Repositories  

Ransomware statistics 2026: confirmed attacks by month  

ThreatVisionAI: A Hybrid CNN-ViT Framework for Image-Based Malware Classification

Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware

A Blockchain and Federated Learning Framework for Image-Based IoT Malware Detection and Prevention

A Lightweight Framework for Android Malware Detection via SDAE-Based Multi-View Static Feature Fusion

jscrambler npm Package Compromised in Supply Chain Attack  

One Target, Two Flags | Rival Espionage Actors Converge On Pakistani Law Enforcement

Operation Phnom Penh: Silver Fox Ghost Distributor Targets Specific Victims with MODBEACON Custom TrojanHow WP-SHELLSTORM Exposed 1.4M WordPress Sites

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter