Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape————————————————————————————————————————————-[Microsoft Trusted Signing service abused to code-sign malware](https://www.bleepingcomputer.com/news/security/microsoft-trusted-signing-service-abused-to-code-sign-malware/)[Shedding light on the ABYSSWORKER driver](https://www.elastic.co/security-labs/abyssworker)[VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware](https://thehackernews.com/2025/03/vscode-marketplace-removes-two.html)[New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-malware-campaigns-evading-detection-using-cross-platform-framework-net-maui/)[Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks](https://www.silentpush.com/blog/raspberry-robin/)[ReaderUpdate Reforged -| Melting Pot of macOS Malware Adds Go to Crystal, Nim and Rust Variants](https://www.sentinelone.com/blog/readerupdate-reforged-melting-pot-of-macos-malware-adds-go-to-crystal-nim-and-rust-variants/)[Grandoreiro Trojan Distributed via Contabo-Hosted Servers in Phishing Campaigns](https://www.forcepoint.com/blog/x-labs/grandoreiro-trojan-targets-mexico-argentina-spain)[Malware found on npm infecting local package with reverse shell](https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell)[Shifting the sands of RansomHub’s EDRKillShifter](https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/)[Multiple crypto packages hijacked, turned into info-stealers](https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers)[CoffeeLoader: A Brew of Stealthy Techniques](https://www.zscaler.com/blogs/security-research/coffeeloader-brew-stealthy-techniques)[PJobRAT makes a comeback, takes another crack at chat apps](https://news.sophos.com/en-us/2025/03/27/pjobrat-makes-a-comeback-takes-another-crack-at-chat-apps/)[Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices](https://www.threatfabric.com/blogs/exposing-crocodilus-new-device-takeover-malware-targeting-android-devices)[You will always remember this as the day you finally caught FamousSparrow](https://www.welivesecurity.com/en/eset-research/you-will-always-remember-this-as-the-day-you-finally-caught-famoussparrow/)[RedCurl’s Ransomware Debut: A Technical Deep Dive](https://www.bitdefender.com/en-us/blog/businessinsights/redcurl-qwcrypt-ransomware-technical-deep-dive)[Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure](https://www.resecurity.com/blog/article/blacklock-ransomware-a-late-holiday-gift-with-intrusion-into-the-threat-actors-infrastructure)[Over 150K websites hit by full-page hijack linking to Chinese gambling sites](https://cside.dev/blog/over-150k-websites-hit-by-full-page-hijack-linking-to-chinese-gambling-sites)[Coding Malware in Fancy Programming Languages for Fun and Profit](https://arxiv.org/abs/2503.19058)[Leveraging VAE-Derived Latent Spaces for Enhanced Malware Detection with Machine Learning Classifiers](https://arxiv.org/abs/2503.20803)[Trandroid: An Android Mobile Threat Detection System Using Transformer Neural Networks](https://www.mdpi.com/2079-9292/14/6/1230)[A Wide and Weighted Deep Ensemble Model for Behavioral Drifting Ransomware Attacks](https://www.mdpi.com/2227-7390/13/7/1037)Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/)**–** **hacking, [malware](https://securityaffairs.com/174816/malware/security-affairs-malware-newsletter-round-35.html))**
Related Tags:
NAICS: 484 – Truck Transportation
NAICS: 48 – Transportation
NAICS: 71 – Arts
Entertainment
Recreation
NAICS: 713 – Amusement
Gambling
Recreation Industries
NAICS: 334 – Computer And Electronic Product Manufacturing
NAICS: 519 – Web Search Portals
Libraries
Archives
Other Information Services
NAICS: 52 – Finance And Insurance
NAICS: 33 – Manufacturing – Metal
Electronics And Other
NAICS: 522 – Credit Intermediation And Related Activities
Associated Indicators: