Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
Malware Newsletter
Brewing Trouble — Dissecting a macOS Malware Campaign
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware
Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware
The Chameleon’s Trap: Inside the Top 3 Exploit Thriving on 60% of Unpatched MS Office Systems
YiBackdoor: A New Malware Family With Links to IcedID and Latrodectus
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking
Mapping the Infrastructure and Malware Ecosystem of MuddyWater
Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign
ShadowV2: An emerging DDoS for hire botnet
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
RedNovember Targets Government, Defense, and Technology Organizations
Malware Analysis Report RayInitiator & LINE VIPER
XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory
Bearlyfy: The Evolution of a New Ransomware Group and Its Connection to PhantomCore
Updated BO Team Grouping Tools
Deniability by Design: DNS-Driven Insights into a Malicious Ad Network
Defending against Stegomalware in Deep Neural Networks with Permutation Symmetry
CyberSOCEval: Benchmarking LLMs Capabilities for Malware Analysis and Threat Intelligence Reasoning
DCmal-2025: A Novel Routing-Based DisConnectivity Malware—Development, Impact, and Countermeasures
Pierluigi Paganini