Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Technical Deep Dive: The Monero Mining Campaign Operation Olalampo: Inside MuddyWater’s Latest Campaign   VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)   Operation MacroMaze: new APT28 campaign using basic tooling and legit […

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Technical Deep Dive: The Monero Mining Campaign

Operation Olalampo: Inside MuddyWater’s Latest Campaign  

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)  

Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure

Arkanix Stealer: a C++ & Python infostealer  

North Korean Lazarus Group Now Working With Medusa Ransomware

Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign  

New Malicious npm Package “ambar-src” Targets Developers with Open Source Malware 

Steaelite RAT Enables Double Extortion Attacks from a Single Panel  

APT37 Adds New Capabilities for Air-Gapped Networks  

New Dohdoor malware campaign targets education and health care

Developer-targeting campaign using malicious Next.js repositories  

Exploring Aeternum C2: a new botnet that lives on the blockchain  

An Explainable Memory Forensics Approach for Malware Analysis

AndroWasm: an Empirical Study on Android Malware Obfuscation through WebAssembly 

Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – malware, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/188691/malware/security-affairs-malware-newsletter-round-86.html