SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 56

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware Newsletter

- [Endgame Gear mouse config tool infected users with malware](https://www.bleepingcomputer.com/news/security/endgame-gear-mouse-config-tool-infected-users-with-malware/)
- [Auto-Color Backdoor: How Darktrace Thwarted a Stealthy Linux Intrusion](https://www.darktrace.com/blog/auto-color-backdoor-how-darktrace-thwarted-a-stealthy-linux-intrusion)
- [Sealed Chain of Deception: Actors leveraging Node.JS to Launch JSCeal](https://research.checkpoint.com/2025/jsceal-targets-crypto-apps/)
- [Decrypted: FunkSec Ransomware](https://www.gendigital.com/blog/insights/research/funksec-ai)
- [Threat actor uses AI to create a better crypto wallet drainer](https://getsafety.com/blog-posts/threat-actor-uses-ai-to-create-a-better-crypto-wallet-drainer)
- [PlayPraetor’s evolving threat: How Chinese-speaking actors globally scale an Android RAT](https://www.cleafy.com/cleafy-labs/playpraetors-evolving-threat-how-chinese-speaking-actors-globally-scale-an-android-rat)
- [Plague: A Newly Discovered PAM-Based Backdoor for Linux](https://www.nextron-systems.com/2025/08/01/plague-a-newly-discovered-pam-based-backdoor-for-linux/)
- [Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations](https://research.checkpoint.com/2025/before-toolshell-exploring-storm-2603s-previous-ransomware-operations/)
- [Attackers Actively Exploiting Critical Vulnerability in Alone Theme](https://www.wordfence.com/blog/2025/07/attackers-actively-exploiting-critical-vulnerability-in-alone-theme/)
- [UNC2891 Bank Heist: Physical ATM Backdoor & Linux Forensic Evasion](https://www.group-ib.com/blog/unc2891-bank-heist/)
- [Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats](https://www.microsoft.com/en-us/security/blog/2025/07/31/frozen-in-transit-secret-blizzards-aitm-campaign-against-diplomats/)
- [LLM-Based Identification of Infostealer Infection Vectors from Screenshots: The Case of Aurora](https://arxiv.org/abs/2507.23611)
- [Measuring and Explaining the Effects of Android App Transformations in Online Malware Detection](https://arxiv.org/abs/2507.20361)
- [AI-Driven Security for Blockchain-Based Smart Contracts: A GAN-Assisted Deep Learning Approach to Malware Detection](https://www.mdpi.com/2624-800X/5/3/53)
- [YoloMal-XAI: Interpretable Android Malware Classification Using RGB Images and YOLO11](https://www.mdpi.com/2624-800X/5/3/52)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) – hacking, [NEWSLETTER](https://securityaffairs.com/180151/breaking-news/security-affairs-malware-newsletter-round-54.html))
