MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

 | 

Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed

 | 

CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack

 | 

U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

 | 

Summoning Team won Master of Pwn as Pwn2Own Ireland Rewards $1,024,750

 | 

China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom

 | 

Pwn2Own Day 2: Organizers paid $792K for 56 0-days

 | 

Lazarus targets European defense firms in UAV-themed Operation DreamJob

 | 

U.S. CISA adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog

 | 

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

 | 

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

 | 

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

 | 

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

 | 

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

 | 

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

 | 

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

 | 

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

 | 

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

 | 

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

 | 

CAPI Backdoor targets Russia’s auto and e-commerce sectors

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

Pierluigi Paganini October 26, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

TikTok videos continue to push infostealers in ClickFix attacks

131 Spamware Extensions Targeting WhatsApp Flood Chrome Web Store 

Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion  

Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing 

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER 

Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys  

GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace 

PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation 

Gotta fly: Lazarus targets the UAV sector

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities  

StealthServer: A Dual-Platform Backdoor from a South Asian APT Group  

Dissecting YouTube’s Malware Distribution Network October 23, 2025 

NeuPerm: Disrupting Malware Hidden in Neural Network Parameters by Leveraging Permutation Symmetry

ThreatIntel-Andro: Expert-Verified Benchmarking for Robust Android Malware Research

Innovative Method for Detecting Malware by Analysing API Request Sequences Based on a Hybrid Recurrent Neural Network for Applied Forensic Auditing

Decentralized Federated Learning for IoT Malware Detection at the Multi-Access Edge: A Two-Tier, Privacy-Preserving Design

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking information security news IT Information Security malware Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini October 26, 2025
Security Affairs newsletter Round 547 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more
Pierluigi Paganini October 25, 2025
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

Security / October 26, 2025

Security Affairs newsletter Round 547 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / October 26, 2025

Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed

Security / October 25, 2025

CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack

Security / October 25, 2025

U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

Security / October 24, 2025