SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 34

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

[You’ve Got Malware: FINALDRAFT Hides in Your Drafts](https://www.elastic.co/security-labs/finaldraft)

[Telegram Abused as C2 Channel for New Golang Backdoor](https://www.netskope.com/blog/telegram-abused-as-c2-channel-for-new-golang-backdoor)

[Infostealing Malware Infections in the U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making](https://www.infostealers.com/article/infostealing-malware-infections-in-the-u-s-military-defense-sector-a-cybersecurity-disaster-in-the-making/)

[Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst](https://www.fortinet.com/blog/threat-research/analyzing-elf-sshdinjector-with-a-human-and-artificial-analyst)

[An Update on Fake Updates: Two New Actors, and New Mac Malware](https://www.proofpoint.com/us/blog/threat-insight/update-fake-updates-two-new-actors-and-new-mac-malware)

[FortiSandbox 5.0 Detects Evolving Snake Keylogger Variant](https://www.fortinet.com/blog/threat-research/fortisandbox-detects-evolving-snake-keylogger-variant)

[XLoader Executed Through JAR Signing Tool (jarsigner.exe)](https://asec.ahnlab.com/en/84574/)

[SPYLEND: The Android App Available on Google Play Store: Enabling Financial Cyber Crime & Extortion](https://www.cyfirma.com/research/spylend-the-android-app-available-on-google-play-store-enabling-financial-cyber-crime-extortion/)

[Cluster Analysis and Concept Drift Detection in Malware](https://arxiv.org/abs/2502.14135)

[LAMD: Context-driven Android Malware Detection and Classification with LLMs](https://arxiv.org/pdf/2502.13055)

[Improving Cyber Defense Against Ransomware: A Generative Adversarial Networks-Based Adversarial Training Approach for Long Short-Term Memory Network Classifier](https://www.mdpi.com/2079-9292/14/4/810)

[DeceptiveDevelopment targets freelance developers](https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-targets-freelance-developers/)

[Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors](https://www.orangecyberdefense.com/global/blog/cert-news/meet-nailaolocker-a-ransomware-distributed-in-europe-by-shadowpad-and-plugx-backdoors)

[Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection](https://www.trendmicro.com/en_us/research/25/b/earth-preta-mixes-legitimate-and-malicious-components-to-sidestep-detection.html)

[StaryDobry ruins New Year’s Eve, delivering miner instead of presents](https://securelist.com/starydobry-campaign-spreads-xmrig-miner-via-torrents/115509/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, malware)**
