MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

 | 

Trigona ransomware adopts custom tool to steal data and evade detection

 | 

Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog

 | 

Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)

 | 

CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network

 | 

12-year-old Pack2TheRoot bug lets Linux users gain root privileges

 | 

Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner

 | 

Checkmarx supply chain attack impacts Bitwarden npm distribution path

 | 

China-linked threat actors use consumer device botnets to evade detection, warn UK and partners

 | 

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

 | 

iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

 | 

RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace

 | 

U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Graph API misused by new GoGra Linux malware for hidden communication

 | 

DDoS wave continues as Mastodon hit after Bluesky incident

 | 

Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

 | 

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

 | 

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

 | 

Venezuela energy sector targeted by highly destructive Lotus wiper

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

Pierluigi Paganini April 26, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Morpheus: A new Spyware linked to IPS Intelligence

The iPhone — invincible no more: a look at DarkSword and Coruna  

Lotus Wiper: a new threat targeting the energy and utilities sector 

New NGate variant hides in a trojanized NFC payment app  

CVE-2025-29635: Mirai Campaign Targets D-Link Devices  

Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics  

FIRESTARTER Backdoor  

Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware  

Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor

GopherWhisper: A burrow full of malware

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained  

Is Shai-Hulud Back? Compromised Bitwarden CLI Contains a Self-Propagating npm Worm  

Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft

Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite     

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener 

PINN-LSTM: A High-Precision Physics-Informed Neural Network for Solving Malware Propagation Dynamics in Wireless Sensor Networks

Wavelet-Based and MAML-Driven Framework for Enhanced Few-Shot Malware Classification

Adversarial Evasion in Non-Stationary Malware Detection: Minimizing Drift Signals through Similarity-Constrained Perturbations

Towards Certified Malware Detection: Provable Guarantees Against Evasion Attacks

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini April 26, 2026
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
Read more
Pierluigi Paganini April 26, 2026
Trigona ransomware adopts custom tool to steal data and evade detection
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

Malware / April 26, 2026

Trigona ransomware adopts custom tool to steal data and evade detection

Cyber Crime / April 26, 2026

Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / April 26, 2026

U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog

Security / April 25, 2026

Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)

Uncategorized / April 25, 2026