Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

- [Ransomware Gangs Collapse as Qilin Seizes Control](https://www.cybereason.com/blog/threat-alert-qilin-seizes-control)
- [Dissecting a Python Ransomware distributed through GitHub repositories](https://www.tinextacyber.com/dissecting-a-python-ransomware/)
- [SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play](https://securelist.com/sparkkitty-ios-android-malware/116793/)
- [Uncovering a Tor-Enabled Docker Exploit](https://www.trendmicro.com/en_us/research/25/f/tor-enabled-docker-exploit.html)
- [Threat Actors Modify and Re-Create Commercial Software to Steal Users’ Information](https://www.sonicwall.com/blog/threat-actors-modify-and-re-create-commercial-software-to-steal-users-information)
- [Resurgence of the Prometei Botnet](https://unit42.paloaltonetworks.com/prometei-botnet-2025-activity/)
- [ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware](https://www.gdatasoftware.com/blog/2025/06/38218-connectwise-abuse-malware)
- [GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations](https://arcticwolf.com/resources/blog/giftedcrook-strategic-pivot-from-browser-stealer-to-data-exfiltration-platform/)
- [Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor](https://www.ibm.com/think/x-force/hive0154-mustang-panda-shifts-focus-tibetan-community-deploy-pubload-backdoor)
- [OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure](https://www.trellix.com/blogs/research/oneclik-a-clickonce-based-apt-campaign-targeting-energy-oil-and-gas-infrastructure/)
- [SadFuture: Mapping XDSpy latest evolution](https://harfanglab.io/insidethelab/sadfuture-xdspy-latest-evolution/)
- [FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks](https://www.securityweek.com/freetype-zero-day-found-by-meta-exploited-in-paragon-spyware-attacks/)
- [UAC-0001 (APT28) Cyber Attacks on Government Agencies Using BEARDSHELL and COVENANT](https://cert.gov.ua/article/6284080)
- [DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery](https://www.netskope.com/blog/deepseek-deception-sainbox-rat-hidden-rootkit-delivery)
- [Cryptominers’ Anatomy: Shutting Down Mining Botnets](https://www.akamai.com/blog/security-research/cryptominers-anatomy-shutting-down-mining-botnets)
- [Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages](https://socket.dev/blog/north-korean-contagious-interview-campaign-drops-35-new-malicious-npm-packages)
- [Analysis of the latest attack activities of APT-C-06 (DarkHotel) using BYOVD technology](https://mp.weixin.qq.com/s/m2G9oLHv504HJDW8mB5rDA)
- [Taiwan Strait hotspot bait! Wangci organization combines 0day and ClickOnce technology to carry out espionage activities](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247515203&idx=1&sn=aa65a6a18fdb558e811f8b9c1010a23c&poc_token=HHmVXmij6Y-0Wxq6JrV4j7RzrF0yceAstuJsjgU8)
- [Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign](https://securityscorecard.com/blog/unmasking-a-new-china-linked-covert-orb-network-inside-the-lapdogs-campaign/)
- [Enhancing Malware Detection via RGB Assembly Visualization and Hybrid Deep Learning Models](https://www.mdpi.com/2076-3417/15/13/7163)
- [Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis via Intermediate Representation and Language Model](https://arxiv.org/abs/2506.17162)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559) ([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, newsletter)

Related Tags:
Covenant
Zigzag Hail
Playcrypt
Play
FROZENLAKE
Forest Blizzard
NAICS: 211 – Oil And Gas Extraction
NAICS: 54 – Professional, Scientific, Technical Services
NAICS: 21 – Mining, Quarrying, Oil And Gas Extraction