Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape————————————————————————————————————————————-[Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure](https://harfanglab.io/insidethelab/gamaredons-pterolnk-analysis/)[XRP supply chain attack: Official NPM package infected with crypto stealing backdoor](https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor)[SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation](https://www.cleafy.com/cleafy-labs/supercardx-exposing-chinese-speaker-maas-for-nfc-relay-fraud-operation)[New Rust Botnet ‘RustoBot’ is Routed via Routers](https://www.fortinet.com/blog/threat-research/new-rust-botnet-rustobot-is-routed-via-routers)[Obfuscation Overdrive: Next-Gen Cryptojacking with Layers](https://www.darktrace.com/blog/obfuscation-overdrive-next-gen-cryptojacking-with-layers)[Android spyware trojan targets Russian military personnel who use Alpine Quest mapping software](https://news.drweb.com/show/?i=15006&lng=en)[Operation SyncHole: Lazarus APT goes back to the well](https://securelist.com/operation-synchole-watering-hole-attacks-by-lazarus/116326/)[Ransomware Groups Evolve Affiliate Models](https://www.secureworks.com/blog/ransomware-groups-evolve-affiliate-models)[North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures](https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html)[DslogdRAT Malware Installed in Ivanti Connect Secure](https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html)[Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign](https://thehackernews.com/2025/04/iran-linked-hackers-target-israel-with.html)[Reinforcement Learning for Mitigating Malware Propagation in Wireless Radar Sensor Networks with Channel Modeling](https://www.mdpi.com/2227-7390/13/9/1397)[MAL-XSEL: Enhancing Industrial Web Malware Detection with an Explainable Stacking Ensemble Model](https://www.mdpi.com/2227-9717/13/5/1329)[Zero Day Malware Detection with Alpha: Fast DBI with Transformer Models for Real World Application](https://arxiv.org/pdf/2504.14886)[Automatically Generating Rules of Malicious Software Packages via Large Language Model](https://arxiv.org/pdf/2504.17198)Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [**Mastodon**](https://infosec.exchange/@securityaffairs)[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/)**–** **hacking, newsletter)**
Related Tags:
NAICS: 519 – Web Search Portals
Libraries
Archives
Other Information Services
NAICS: 541 – Professional
Scientific
Technical Services
NAICS: 52 – Finance And Insurance
NAICS: 518 – Computing Infrastructure Providers
Data Processing
Web Hosting
Related Services
NAICS: 92 – Public Administration
NAICS: 922 – Justice
Public Order
Safety Activities
NAICS: 522 – Credit Intermediation And Related Activities
NAICS: 51 – Information
NAICS: 928 – National Security And International Affairs
Associated Indicators: