Pierluigi Paganini
March 29, 2026
New Malware Targets Users of Cobra DocGuard Software
Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets
Trivy Supply Chain Attack Expands to Compromised Docker Images
VoidStealer: Debugging Chrome to Steal Its Secrets
StoatWaffle, malware used by WaterPlum
Coruna: the framework used in Operation Triangulation
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone
Fake install logs in npm packages load RAT
From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill
Novel WebRTC skimmer bypasses security controls at $100+ billion car maker
GlassWorm Hides a RAT Inside a Malicious Chrome Extension
Telnyx Malware: TeamPCP Strikes Again Following LiteLLM Compromise
Bearlyfy Releases Genie: F6 Analyzes the Group’s Recent Attacks
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
New BianLian Ransomware Activity Detected: SVG Phishing Campaign Targeting Venezuelan Companies
Pushan: Trace-Free Deobfuscation of Virtualization-Obfuscated Binaries
Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
