Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware Newsletter

Technical Deep Dive: The Monero Mining Campaign
Operation Olalampo: Inside MuddyWater’s Latest Campaign
VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)
Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure
Arkanix Stealer: a C++ & Python infostealer
North Korean Lazarus Group Now Working With Medusa Ransomware
Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
New Malicious npm Package “ambar-src” Targets Developers with Open Source Malware
Steaelite RAT Enables Double Extortion Attacks from a Single Panel
APT37 Adds New Capabilities for Air-Gapped Networks
New Dohdoor malware campaign targets education and health care
Developer-targeting campaign using malicious Next.js repositories
Exploring Aeternum C2: a new botnet that lives on the blockchain
An Explainable Memory Forensics Approach for Malware Analysis
AndroWasm: an Empirical Study on Android Malware Obfuscation through WebAssembly
Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection

Pierluigi Paganini
(SecurityAffairs malware, newsletter)
Published: 2026-03-01T10:30:16