SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

[KongTuke FileFix Leads to New Interlock RAT Variant](https://thedfirreport.com/2025/07/14/kongtuke-filefix-leads-to-new-interlock-rat-variant/)

[Code highlighting with Cursor AI for $500,000](https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/)

[Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader](https://socket.dev/blog/contagious-interview-campaign-escalates-67-malicious-npm-packages)

[Threat Analysis: SquidLoader — Still Swimming Under the Radar](https://www.trellix.com/blogs/research/threat-analysis-squidLoader-still-swimming-under-the-radar/)

[Konfety Returns: Classic Mobile Threat with New Evasion Techniques](https://zimperium.com/blog/konfety-returns-classic-mobile-threat-with-new-evasion-techniques)

[The Linuxsys Cryptominer](https://www.vulncheck.com/blog/linuxsys-cryptominer)

[From a Teams Call to a Ransomware Threat: Matanbuchus 3.0 MaaS Levels Up](https://engage.morphisec.com/hubfs/Matanbuchus%20Threat%20Analysis.pdf)

[MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities](https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/)

[Unmasking AsyncRAT: Navigating the labyrinth of forks](https://www.welivesecurity.com/en/eset-research/unmasking-asyncrat-navigating-labyrinth-forks/)

[Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication](https://unit42.paloaltonetworks.com/windows-backdoor-for-novel-c2-communication/)

[Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor](https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor)

[UAC-0001 cyberattacks on the security and defense sector using the LAMEHUG software tool, which uses LLM (large language model) (CERT-UA#16039)](https://cert.gov.ua/article/6284730)

[New Phobos and 8base ransomware decryptor recover files for free](https://www.bleepingcomputer.com/news/security/new-phobos-ransomware-decryptor-lets-victims-recover-files-for-free/)

[IoT Malware Network Traffic Detection using Deep Learning and GraphSAGE Models](https://arxiv.org/abs/2507.10758)

[LLMalMorph: On The Feasibility of Generating Variant Malware using Large-Language-Models](https://arxiv.org/abs/2507.09411)

[ADAPT: A Pseudo-labeling Approach to Combat Concept Drift in Malware Detection](https://arxiv.org/abs/2507.08597)

[A Delayed Malware Propagation Model Under a Distributed Patching Mechanism: Stability Analysis](https://www.mdpi.com/2227-7390/13/14/2266)

[Systematic Review: Malware Detection and Classification in Cybersecurity](https://www.mdpi.com/2076-3417/15/14/7747)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, NEWSLETTER)

Related Tags:

NAICS: 334 – Computer And Electronic Product Manufacturing

NAICS: 541 – Professional, Scientific, Technical Services

NAICS: 518 – Computing Infrastructure Providers, Data Processing, Web Hosting, Related Services

NAICS: 92 – Public Administration

NAICS: 33 – Manufacturing – Metal, Electronics And Other

NAICS: 51 – Information

NAICS: 928 – National Security And International Affairs

AsyncRAT

Amadey
