SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Pierluigi Paganini July 05, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer

Building a CI/CD pipeline for Sigma rules

Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale

A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain

Chromium extension uses AI‑related branding to redirect browser search

Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON

RustDuck: An In-Depth Analysis of a Two-Stage Botnet

From Langflow to Monero: Inside CVE-2026-33017 Cryptominer

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

Veil#Drop: Blogspot-Hosted PowerShell Loader Delivers PureLog Stealer Through XOR-Encoded In-Memory .NET Payloads

Analysis of Ongoing Ousaban Attacks Targeting the Iberian Peninsula

Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique

Popa: From Sourcing to Distribution

From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks

ToddyCat: your hidden email assistant. Part 2

PamStealer: a Rust-based macOS infostealer that validates credentials through PAM

JADEPUFFER: Agentic ransomware for automated database extortion

Don’t Eat The ChocoPoCs! How Vulnerability Researchers Were Repeatedly Targeted By Trojanised Exploits

PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems

Lazarus-Linked npm Malware Masquerades as Rollup Polyfills

Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware

AI-Generated PowerShell Malware: An Experimental Framework and Dataset

A Lightweight Framework for Android Malware Detection via SDAE-Based Multi-View Static Feature Fusion

Addressing Data Scarcity in Malware Classification via Pixel-Level Synthetic Image Generation

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)
