Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

[10 Things I Hate About Attribution: RomCom vs. TransferLoader](https://www.proofpoint.com/us/blog/threat-insight/10-things-i-hate-about-attribution-romcom-vs-transferloader)

[macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware](https://www.sentinelone.com/labs/macos-nimdoor-dprk-threat-actors-target-web3-and-crypto-platforms-with-nim-based-malware/)

[Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)](https://asec.ahnlab.com/en/88465/)

[Dissecting Kimsuky’s Attacks on South Korea: In-Depth Analysis of GitHub-Based Malicious Infrastructure](https://www.enki.co.kr/en/media-center/tech-blog/dissecting-kimsuky-s-attacks-on-south-korea-in-depth-analysis-of-github-based-malicious-infrastructure)

[Houken seeking a path by living on the edge with zero-days](https://www.cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-009/)

[FoxyWallet: 40+ Malicious Firefox Extensions Exposed](https://blog.koi.security/foxywallet-40-malicious-firefox-extensions-exposed-4c14419de486)

[Addressing malware family concept drift with triplet autoencoder](https://arxiv.org/abs/2507.00348)

[RawMal-TF: Raw Malware Dataset Labeled by Type and Family](https://arxiv.org/abs/2506.23909)

[Detecting Emerging DGA Malware in Federated Environments via Variational Autoencoder-Based Clustering and Resource-Aware Client Selection](https://www.mdpi.com/1999-5903/17/7/299)

[Breaking Out from the TESSERACT: Reassessing ML-based Malware Detection under Spatio-Temporal Drift](https://arxiv.org/abs/2506.23814)

[GSIDroid: A Suspicious Subgraph-Driven and Interpretable Android Malware Detection System](https://www.mdpi.com/1424-8220/25/13/4116)

[Enhancing Malware Detection via RGB Assembly Visualization and Hybrid Deep Learning Models](https://www.mdpi.com/2076-3417/15/13/7163)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [newsletter](https://securityaffairs.com/179429/breaking-news/security-affairs-malware-newsletter-round-51.html))

Related Tags:
APT43
TA427
Emerald Sleet
NAICS: 54 – Professional, Scientific, Technical Services
NAICS: 541 – Professional, Scientific, Technical Services
NAICS: 518 – Computing Infrastructure Providers, Data Processing, Web Hosting, Related Services
NAICS: 51 – Information
Black Banshee
Kimsuky