SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

Pierluigi Paganini
October 26, 2025

Malware Newsletter

TikTok videos continue to push infostealers in ClickFix attacks

131 Spamware Extensions Targeting WhatsApp Flood Chrome Web Store 

Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion  

Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing 

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER 

Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys  

GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace 

PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation 

Gotta fly: Lazarus targets the UAV sector

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities  

StealthServer: A Dual-Platform Backdoor from a South Asian APT Group  

Dissecting YouTube’s Malware Distribution Network October 23, 2025 

NeuPerm: Disrupting Malware Hidden in Neural Network Parameters by Leveraging Permutation Symmetry

ThreatIntel-Andro: Expert-Verified Benchmarking for Robust Android Malware Research

Innovative Method for Detecting Malware by Analysing API Request Sequences Based on a Hybrid Recurrent Neural Network for Applied Forensic Auditing

Decentralized Federated Learning for IoT Malware Detection at the Multi-Access Edge: A Two-Tier, Privacy-Preserving Design

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

facebook
linkedin
twitter

Cybercrime
data breach
Hacking
information security news
IT Information Security
malware
Pierluigi Paganini
Security Affairs
Security News