SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

Pierluigi Paganini April 19, 2026

The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

CPU-Z / HWMonitor watering hole infection – a copy-pasted attack  

Fake Claude site installs malware that gives attackers access to your computer  

Malware Analysis Static SKILL for Codex  

JanelaRAT: a financial threat targeting users in Latin America  

Mirax: a new Android RAT turning infected devices into potential residential proxy nodes

Mirax extraction pipeline for StreamTV-like droppers    

08 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure  

Hospitals, local governments, and FPV operators are in the focus of the UAC-0247 cyber threat cluster

Signed software abused to deploy antivirus-killing scripts

Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them  

Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems  

Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign

A Deep Dive Into Attempted Exploitation of CVE-2023-33538      

Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT  

PowMix botnet targets Czech workforce  

QEMU abused to evade detection and enable ransomware delivery

Can Drift-Adaptive Malware Detectors Be Made Robust? Attacks and Defenses Under White-Box and Black-Box Threats

LLM4CodeRE: Generative AI for Code Decompilation Analysis and Reverse Engineering

Wavelet-Based and MAML-Driven Framework for Enhanced Few-Shot Malware Classification

Mitigating Metamorphic Malware Through Adversarial Learning Techniques  


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


