MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

 | 

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

 | 

Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Canadian Tire 2025 data breach impacts 38 million users

 | 

Microsoft warns of RAT delivered through trojanized gaming utilities

 | 

Aeternum botnet hides commands in Polygon smart contracts

 | 

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

 | 

Juniper issues emergency patch for critical PTX router RCE

 | 

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

 | 

12 Million exposed .env files reveal widespread security failures

 | 

ManoMano data breach impacted 38 Million customer accounts

 | 

Trend Micro fixes two critical flaws in Apex One

 | 

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

 | 

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

 | 

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

 | 

Untrusted repositories turn Claude code into an attack vector

 | 

ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

 | 

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

 | 

Lazarus APT group deployed Medusa Ransomware against Middle East target

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

Pierluigi Paganini March 01, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Technical Deep Dive: The Monero Mining Campaign

Operation Olalampo: Inside MuddyWater’s Latest Campaign  

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)  

Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure

Arkanix Stealer: a C++ & Python infostealer  

North Korean Lazarus Group Now Working With Medusa Ransomware

Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign  

New Malicious npm Package “ambar-src” Targets Developers with Open Source Malware 

Steaelite RAT Enables Double Extortion Attacks from a Single Panel  

APT37 Adds New Capabilities for Air-Gapped Networks  

New Dohdoor malware campaign targets education and health care

Developer-targeting campaign using malicious Next.js repositories  

Exploring Aeternum C2: a new botnet that lives on the blockchain  

An Explainable Memory Forensics Approach for Malware Analysis

AndroWasm: an Empirical Study on Android Malware Obfuscation through WebAssembly 

Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – malware, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini March 01, 2026
Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more
Pierluigi Paganini February 28, 2026
Canadian Tire 2025 data breach impacts 38 million users
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

Malware / March 01, 2026

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

Uncategorized / March 01, 2026

Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

Security / March 01, 2026

Canadian Tire 2025 data breach impacts 38 million users

Data Breach / February 28, 2026

Microsoft warns of RAT delivered through trojanized gaming utilities

Malware / February 28, 2026