The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

- [Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims’ Wallets](https://socket.dev/blog/gmail-for-exfiltration-malicious-npm-packages-target-solana-private-keys-and-drain-victim-s)
- [Threat Bulletin: Weaponized Software Targets Chinese-Speaking Organizations](https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/)
- [Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai](https://blog.qualys.com/vulnerabilities-threat-research/2025/01/21/mass-campaign-of-murdoc-botnet-mirai-a-new-variant-of-corona-mirai)
- [Sophos MDR tracks two ransomware campaigns using ’email bombing,’ Microsoft Teams ‘vishing’](https://news.sophos.com/en-us/2025/01/21/sophos-mdr-tracks-two-ransomware-campaigns-using-email-bombing-microsoft-teams-vishing/)
- [The J-Magic Show: Magic Packets and Where to find them](https://blog.lumen.com/the-j-magic-show-magic-packets-and-where-to-find-them/)
- [Fake Homebrew Google ads target Mac users with malware](https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/)
- [Qbot is Back.Connect](https://medium.com/walmartglobaltech/qbot-is-back-connect-2d774052369f)
- [HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code](https://www.sentinelone.com/blog/hellcat-and-morpheus-two-brands-one-payload-as-ransomware-affiliates-drop-identical-code/)
- [Homebrew macOS Users Targeted With Information Stealer Malware](https://www.securityweek.com/homebrew-macos-users-targeted-with-information-stealer-malware/)
- [Lumma Stealer: Fake CAPTCHAs & New Techniques to Evade Detection](https://www.netskope.com/blog/lumma-stealer-fake-captchas-new-techniques-to-evade-detection)
- [TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware](https://thehackernews.com/2025/01/triplestrength-targets-cloud-platforms.html)
- [Android malware in DoNot APT Operations](https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/)
- [Defending against Adversarial Malware Attacks on ML-based Android Malware Detection Systems](https://arxiv.org/abs/2501.13782)
- [An Intelligent Technique for Android Malware Identification Using Fuzzy Rank-Based Fusion](https://www.mdpi.com/2227-7080/13/2/45)
- [Detecting Malware C&C Communication Traffic Using Artificial Intelligence Techniques](https://www.mdpi.com/2624-800X/5/1/4)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **– hacking, [newsletter](https://securityaffairs.com/172978/malware/security-affairs-malware-newsletter-round-28.html))**