SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape————————————————————————————————————————————-Malware Newsletter[Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict](https://www.lookout.com/threat-intelligence/article/lookout-discovers-iranian-dchsy-surveillanceware)[Uncovering a Stealthy WordPress Backdoor in mu-plugins](https://blog.sucuri.net/2025/07/uncovering-a-stealthy-wordpress-backdoor-in-mu-plugins.html)[NPM package ‘is’ with 2.8M weekly downloads infected devs with malware](https://www.bleepingcomputer.com/news/security/npm-package-is-with-28m-weekly-downloads-infected-devs-with-malware/)[Coyote in the Wild: First-Ever Malware That Abuses UI Automation](https://www.akamai.com/blog/security-research/active-exploitation-coyote-malware-first-ui-automation-abuse-in-the-wild)[Understanding Current CastleLoader Campaigns](https://catalyst.prodaft.com/public/report/understanding-current-castleloader-campaigns/overview#heading-1000)[AI-Generated Malware in Panda Image Hides Persistent Linux Threat](https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/)[Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published](https://socket.dev/blog/toptal-s-github-organization-hijacked-10-malicious-packages-published)[Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload](https://www.wiz.io/blog/soco404-multiplatform-cryptomining-campaign-uses-fake-error-pages-to-hide-payload)[Hacker sneaks infostealer malware into early access Steam game](https://www.bleepingcomputer.com/news/security/hacker-sneaks-infostealer-malware-into-early-access-steam-game/)[Operation CargoTalon : UNG0901 Targets Russian Aerospace -& Defense Sector using EAGLET implant](https://www.seqrite.com/blog/operation-cargotalon-ung0901-targets-russian-aerospace-defense-sector-using-eaglet-implant/)[Regression-aware Continual Learning for Android Malware Detection](https://arxiv.org/abs/2507.18313)[From Cracks to Crooks: YouTube as a Vector for Malware Distribution](https://arxiv.org/abs/2507.16996)[A Perturbation and Symmetry-Based Analysis of Mobile Malware Dynamics in Smartphone Networks](https://www.mdpi.com/2076-3417/15/14/8086)[An Explainable Hybrid CNN–Transformer Architecture for Visual Malware Classification](https://www.mdpi.com/1424-8220/25/15/4581)Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [NEWSLETTER](https://securityaffairs.com/180151/breaking-news/security-affairs-malware-newsletter-round-54.html))

Related Tags:
TA450

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 334 – Computer And Electronic Product Manufacturing

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 518 – Computing Infrastructure Providers

Data Processing

Web Hosting

Related Services

NAICS: 33 – Manufacturing – Metal

Electronics And Other

NAICS: 51 – Information

Seedworm

TEMP.Zagros

Associated Indicators:

Threat Intel Solutions

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55

Search

Popular Posts

Dangerous runC flaws could allow hackers to escape Docker containers

Lost iPhone? Don’t fall for phishing texts saying it was found

NAKIVO Introduces v11.1 with Upgraded Disaster Recovery and MSP Features

Categories

Pages

Archives

Tags

Follow Us