Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape————————————————————————————————————————————-Malware Newsletter[Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak](https://hunt.io/blog/ermac-v3-banking-trojan-source-code-leak)[Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824](https://securelist.com/pipemagic/117270/)[Supply Chain Risk in Python: Termncolor and Colorinal Explained](https://www.zscaler.com/blogs/security-research/supply-chain-risk-python-termncolor-and-colorinal-explained)[Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints](https://www.morphisec.com/blog/noodlophile-stealer-evolves-targeted-copyright-phishing-hits-enterprises-with-social-media-footprints/)[Dissecting PipeMagic: Inside the architecture of a modular backdoor framework](https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/)[GodRAT — New RAT targeting financial institutions](https://securelist.com/godrat/117119/)[Preventing Domain Resurrection Attacks](https://blog.pypi.org/posts/2025-08-18-preventing-domain-resurrections/)[Patching for persistence: How DripDropper Linux malware moves through the cloud](https://redcanary.com/blog/threat-intelligence/dripdropper-linux-malware/)[Finding Malware: DIRTYBULK and Friends — USB Infections To Fuel Cybercriminal Coinmining Operations](https://security.googlecloudcommunity.com/community-blog-42/finding-malware-dirtybulk-and-friends-usb-infections-to-fuel-cybercriminal-coinmining-operations-5552)[Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS](https://www.crowdstrike.com/en-us/blog/falcon-prevents-cookie-spider-shamos-delivery-macos/)[SaMOSA: Sandbox for Malware Orchestration and Side-Channel Analysis](https://arxiv.org/abs/2508.14261)[Evasive Ransomware Attacks Using Low-level Behavioral Adversarial Examples](https://arxiv.org/abs/2508.08656)[Demystifying the Role of Rule-based Detection in AI Systems for Windows Malware](https://arxiv.org/abs/2508.09652)[Automated Malware Source Code Generation via Uncensored LLMs and Adversarial Evasion of Censored Model](https://www.mdpi.com/2076-3417/15/17/9252)[Cyber-Attacks on Energy Infrastructure—A Literature Overview and Perspectives on the Current Situation](https://www.mdpi.com/2076-3417/15/17/9233)[APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files](https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/)Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [NEWSLETTER](https://securityaffairs.com/180151/breaking-news/security-affairs-malware-newsletter-round-54.html))
Related Tags:
NAICS: 524 – Insurance Carriers And Related Activities
NAICS: 54 – Professional
Scientific
Technical Services
NAICS: 541 – Professional
Scientific
Technical Services
NAICS: 52 – Finance And Insurance
NAICS: 518 – Computing Infrastructure Providers
Data Processing
Web Hosting
Related Services
NAICS: 92 – Public Administration
NAICS: 926 – Administration Of Economic Programs
NAICS: 522 – Credit Intermediation And Related Activities
NAICS: 51 – Information
Associated Indicators: