National Cyber Warfare Foundation (NCWF)

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104


0 user ratings
2026-07-05 18:16:54
milo
Blue Team (CND)
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer   Building a CI/CD pipeline for Sigma rules   Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad […


Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape





Malware Newsletter





Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer  





Building a CI/CD pipeline for Sigma rules  





Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale 





A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain  





Chromium extension uses AI‑related branding to redirect browser search  





Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON  





RustDuck: An In-Depth Analysis of a Two-Stage Botnet  





From Langflow to Monero: Inside CVE-2026-33017 Cryptominer  





The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign





Veil#Drop: Blogspot-Hosted PowerShell Loader Delivers PureLog Stealer Through XOR-Encoded In-Memory .NET Payloads





Analysis of Ongoing Ousaban Attacks Targeting the Iberian Peninsula    





Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique      





Popa: From Sourcing to Distribution  





From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks      





ToddyCat: your hidden email assistant. Part 2 





PamStealer: a Rust-based macOS infostealer that validates credentials through PAM





Analysis of Ongoing Ousaban Attacks Targeting the Iberian Peninsula





JADEPUFFER: Agentic ransomware for automated database extortion        





Don’t Eat The ChocoPoCs! How Vulnerability Researchers Were Repeatedly Targeted By Trojanised Exploits





PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems      





Lazarus-Linked npm Malware Masquerades as Rollup Polyfills





Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware





AI-Generated PowerShell Malware: An Experimental Framework and Dataset





A Lightweight Framework for Android Malware Detection via SDAE-Based Multi-View Static Feature Fusion





Addressing Data Scarcity in Malware Classification via Pixel-Level Synthetic Image Generation





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/194785/uncategorized/security-affairs-malware-newsletter-round-104.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.