Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape————————————————————————————————————————————-Malware Newsletter[Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN](https://arcticwolf.com/resources/blog/arctic-wolf-observes-july-2025-uptick-in-akira-ransomware-activity-targeting-sonicwall-ssl-vpn/)[The State of Ransomware — Q2 2025](https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/)[Malware 101: a comprehensive guide](https://www.cleafy.com/insights/malware-101-beginners-guide)[Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed](https://zimperium.com/blog/behind-random-words-doubletrouble-mobile-banking-trojan-revealed)[ToxicPanda: The Android Banking Trojan Targeting Europe](https://www.bitsight.com/blog/toxicpanda-android-banking-malware-2025-study)[‘CAPTCHAgeddon’ Unmasking the Viral Evolution of the ClickFix Browser-Based Threat](https://guard.io/labs/captchageddon-unmasking-the-viral-evolution-of-the-clickfix-browser-based-threat)[Project Ire autonomously identifies malware at scale](https://www.microsoft.com/en-us/research/blog/project-ire-autonomously-identifies-malware-at-scale/)[Unmasking SocGholish: Silent Push Untangles the Malware Web Behind the ‘Pioneer of Fake Updates’ and Its Operator, TA569](https://www.silentpush.com/blog/socgholish/)[11 Malicious Go Packages Distribute Obfuscated Remote Payloads](https://socket.dev/blog/11-malicious-go-packages-distribute-obfuscated-remote-payloads)[New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer](https://unit42.paloaltonetworks.com/new-darkcloud-stealer-infection-chain/)[WinRAR zero-day exploited to plant malware on archive extraction](https://www.bleepingcomputer.com/news/security/winrar-zero-day-flaw-exploited-by-romcom-hackers-in-phishing-attacks/)[ranDecepter: Real-time Identification and Deterrence of Ransomware Attacks](https://arxiv.org/abs/2508.00293)[MalFlows: Context-aware Fusion of Heterogeneous Flow Semantics for Android Malware Detection](https://arxiv.org/abs/2508.03588)[Hybrid Analysis Model for Detecting Fileless Malware](https://www.mdpi.com/2079-9292/14/15/3134)[Germany’s top court holds that police can only use spyware to investigate serious crimes](https://therecord.media/germany-spyware-limitations-court-rules)[FraudOnTok](https://www.ctm360.com/reports/fraudontok-tiktok-shop-scam-report)[Updated UAC-0099 toolkit: MATCHBOIL, MATCHWOK, DRAGSTARE](https://cert.gov.ua/article/6284949)Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [NEWSLETTER](https://securityaffairs.com/180151/breaking-news/security-affairs-malware-newsletter-round-54.html))
Related Tags:
Mustard Tempest
SocGholish
GOLD PRELUDE
TA569
FakeUpdates
DEV-0206
UNC1543
GOLD SAHARA
Akira
Associated Indicators: