Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play Uncovering a Tor-Enabled Docker Exploit […] Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play Uncovering a Tor-Enabled Docker Exploit Threat Actors Modify and Re-Create Commercial Software to Steal Users’ Information Resurgence of the Prometei Botnet ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure SadFuture: Mapping XDSpy latest evolution FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks UAC-0001 (APT28) Cyber Attacks on Government Agencies Using BEARDSHELL and COVENANT DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery Cryptominers’ Anatomy: Shutting Down Mining Botnets Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages Analysis of the latest attack activities of APT-C-06 (DarkHotel) using BYOVD technology Taiwan Strait hotspot bait! Wangci organization combines 0day and ClickOnce technology to carry out espionage activities Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign Enhancing Malware Detection via RGB Assembly Visualization and Hybrid Deep Learning Models Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis via Intermediate Representation and Language Model Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2025-06-29T16:41:38