SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

   November 16, 2025  Posted in Securityaffairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure

Gootloader Returns: What Goodies Did They Bring?

Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C

Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages

DanaBot malware is back to infecting Windows after 6-month break

Phishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and Customers

Q3 2025 Ransomware Report

Lazarus Group targets Aerospace and Defense with new Comebacker variant

Fantasy Hub: Another Russian Based RAT as M-a-a-S

The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign

Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery

Unleashing the Kraken ransomware group

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages

Exploiting Data Structures for Bypassing and Crashing Anti-Malware Solutions via Telemetry Complexity Attacks

MalRefiner: Recovering Malware Semantics via Reinforcement Learning-Based Semantic NOP Removal

Integrated Analysis of Malicious Software: Insights from Static and Dynamic Perspectives

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)





Source link