Pierluigi Paganini
May 10, 2026
Malware Newsletter
CloudZ RAT potentially steals OTP messages using Pheno plugin
Backdoored PyTorch Lightning package drops credential stealer
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
Attackers adopt JavaScript runtime Bun to spread NWHStealer
xlabs_v1 DDoS-for-Hire IoT Botnet Exposed: One Operator Error. An Entire Operation Revealed
Darktrace Malware Analysis: Jenkins Honeypot Reveals Emerging Botnet Targeting Online Games
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
Fake call logs, real payments: How CallPhantom tricks Android users
PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark Web
LCC-LLM: Leveraging Code-Centric Large Language Models for Malware Attribution
Trident: Improving Malware Detection with LLMs and Behavioral Features
Evolving IoT Botnet Threats and Practical Honeypot Observation: A Summary Review and Experimental StudyBeyond Pattern Matching: A Cognitive-Driven Framework for DGA Detection via Dual-Perspective Anomaly Perception
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
