Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
Malware Newsletter
Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks
TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io
RemotePE: The Lazarus RAT that lives in memory
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
Introducing Showboat: A new malware family taunts defenses and targets international telecom firms
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet
Malware-Slop: New Malicious npm Package Leaks Its Own GitHub Private Token
Grandoreiro Malware Campaign Targets Europe and Latin America
FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch
The History of Fileless Malware – Looking Beyond the Buzzword
BTMOB: A stealthy RAT burrowing deep into Android devices
Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation
SEED: Semi-supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDget
Hybrid Intelligent Detection Approach for Android Malware Using Gradient-Boosting Tree Ensembles and Correlation–Differential Evolution Feature SelectionSelf-Organizing Neural Grove for Malware Detection in IoT Edge Devices
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
