SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

Pierluigi Paganini
October 05, 2025

Malware Newsletter

Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less

First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails

EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

SVG Phishing hits Ukraine with Amatera Stealer, PureMiner

CABINETRAT backdoor used by UAC-0245 for targeted cyberattacks against SOU (CERT-UA#17479)

Klopatra: exposing a new Android banking trojan operation with roots in Turkey

Check Your Socks – A Deep Dive into soopsocks PyPI Package

New spyware campaigns target privacy-conscious Android users in the UAE

Rhadamanthys 0.9.x – walk through the updates

Detour Dog: DNS Malware Powers Strela Stealer Campaigns

Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks

Confucius Espionage: From Stealer to Backdoor

Zero-Day Ransomware Attack Detection Using Static Portable Executable Header Features

Robust Hashing for Improved CNN Performance in Image-Based Malware Detection

Evaluating the Robustness of a Production Malware Detection System to Transferable Adversarial Attacks

Defending against Stegomalware in Deep Neural Networks with Permutation Symmetry

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

facebook
linkedin
twitter

Cybercrime
data breach
Hacking
hacking news
information security news
IT Information Security
malware
Newsletter
Pierluigi Paganini
Security Affairs
Security News

New Whisper Leak Toolkit Exposes User Prompts to Popular AI Agents within Encrypted Traffic

Hypervisors: The New Frontline in Cyber Warfare

The Tesla Semi Gets A Cyber Makeover. But Is It Really On Track?

How Maximus’s (MMS) New US Air Force Cyber Contract Has Changed Its Investment Story

Popular Windows 11 bypass tool hit by malware copycat | Flyoobe hijacked putting Windows 10 users at risk

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

LANDFALL Android Malware Exploits Samsung Zero-Day via Malicious WhatsApp Image

Microsoft Teams “Chat with Anyone” Feature Raises Security Concerns Over Phishing Risks

PH urged to maintain Asean geopolitical, economic momentum

The transatlantic bridge: Private sector diplomacy and the new geopolitics of the commercial corridor

Several African nations facing geopolitical challenges

Dividend Growth In A Geopolitical World

Congo-Brazzaville returns to global stock markets after almost 20 years

Why is Fed pumping billions into the market? Is this just a temporary liquidity blip — or the first tremor of something far bigger?...

Layoffs Send US Stock Futures Lower As Global Markets Slip

Tech’s Titanic Tremors: How AI’s Surges and Stumbles Ignite Global Market Volatility and Shake Investor Confidence

Breaking Bad creator Vince Gilligan slams AI as Silicon Valley billionaires’ get-rich scheme: “I think they’re selling…” – The Times of India

Scientists create brain implant smaller than a grain of rice

Charlotte wins 70-65 over Tennessee Tech

Sukup’s dryer innovation earns top award at Iowa tech event

‘Love+War’ Review: The Price of Witnessing the World’s Conflicts (Disney+)

U.S. Backs EU Plan to Use Frozen Russian Assets for Ukraine Aid

GU Institute Launches Fifth Global Gender Conflict Tracker

Global Alliance against Hunger and Poverty faces uphill battle against aid cuts

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

New Whisper Leak Toolkit Exposes User Prompts to Popular AI Agents within Encrypted Traffic

Hypervisors: The New Frontline in Cyber Warfare

The Tesla Semi Gets A Cyber Makeover. But Is It Really On Track?

How Maximus’s (MMS) New US Air Force Cyber Contract Has Changed Its Investment Story