Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
Malware Newsletter
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287)
Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications
Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix
ShadowV2 Casts a Shadow Over IoT Devices
ClickFix Gets Creative: Malware Buried in Images
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
Bloody Wolf: A Blunt Crowbar Threat To Justice
A Research and Development Portfolio of GNN Centric Malware Detection, Explainability, and Dataset Curation
Accuracy and Efficiency Trade-Offs in LLM-Based Malware Detection and Explanation: A Comparative Study of Parameter Tuning vs. Full Fine-Tuning
Synthetic Data: AI’s New Weapon Against Android Malware
The Aho-Corasick Paradigm in Modern Antivirus Engines: A Cornerstone of Signature-Based Malware Detection
Improving the Performance of Static Malware Classification Using Deep Learning Models and Feature Reduction Strategies
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)