Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.————————————————————————————————————————————–[Malicious packages deepseeek and deepseekai published in Python Package Index](https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/malicious-packages-deepseeek-and-deepseekai-published-in-python-package-index)[Coyote Banking Trojan: A Stealthy Attack via LNK Files](https://www.fortinet.com/blog/threat-research/coyote-banking-trojan-a-stealthy-attack-via-lnk-files)[The Mac Malware of 2024](https://objective-see.org/blog/blog_0x7D.html)[Take My Money: OCR Crypto Wallet Thieves on Google Play and App Store](https://securelist.ru/sparkcat-stealer-in-app-store-and-google-play/111638/)[AsyncRAT Reloaded: Using Python and TryCloudflare for Malware Delivery Again](https://www.forcepoint.com/blog/x-labs/asyncrat-reloaded-python-trycloudflare-malware)[Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence](https://socket.dev/blog/malicious-package-exploits-go-module-proxy-caching-for-persistence)[Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques](https://www.morphisec.com/blog/rat-race-valleyrat-malware-china/)[35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments](https://www.chainalysis.com/blog/crypto-crime-ransomware-victim-extortion-2025/)[Persistent Threats from the Kimsuky Group Using RDP Wrapper](https://asec.ahnlab.com/en/86098/)[macOS FlexibleFerret -| Further Variants of DPRK Malware Family Unearthed](https://www.sentinelone.com/blog/macos-flexibleferret-further-variants-of-dprk-malware-family-unearthed/)[Silent Lynx APT Targets Various Entities Across Kyrgyzstan -& Neighbouring Nations](https://www.seqrite.com/blog/silent-lynx-apt-targeting-central-asian-entities/)[Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam](https://www.bitdefender.com/en-us/blog/labs/lazarus-group-targets-organizations-with-sophisticated-linkedin-recruiting-scam)[Target Attack Backdoor Malware Analysis and Attribution](https://arxiv.org/abs/2502.02335)[ClarAVy: A Tool for Scalable and Accurate Malware Family Labeling](https://arxiv.org/abs/2502.02759)[Probing Malware Propagation Model with Variable Infection Rates Under Integer, Fractional, and Fractal–Fractional Orders](https://www.mdpi.com/2504-3110/9/2/90)[Semantic Entanglement-Based Ransomware Detection via Probabilistic Latent Encryption Mapping](https://arxiv.org/abs/2502.02730)Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/)**–** **hacking, malware)**
Related Tags:
TA427
Playcrypt
Play
Emerald Sleet
NAICS: 458 – Clothing
Clothing Accessories
Shoe
Jewelry Retailers
NAICS: 54 – Professional
Scientific
Technical Services
NAICS: 45 – Retail Trade – Fuel
Other
NAICS: 541 – Professional
Scientific
Technical Services
NAICS: 52 – Finance And Insurance
Associated Indicators: