SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware Newsletter

[Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less](https://arcticwolf.com/resources/blog/smash-and-grab-aggressive-akira-campaign-targets-sonicwall-vpns/)

[First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails](https://www.koi.security/blog/postmark-mcp-npm-malicious-backdoor-email-theft)

[EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks](https://www.trendmicro.com/en_us/research/25/i/evilai.html)

[Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite](https://unit42.paloaltonetworks.com/phantom-taurus/)

[SVG Phishing hits Ukraine with Amatera Stealer, PureMiner](https://www.fortinet.com/blog/threat-research/svg-phishing-hits-ukraine-with-amatera-stealer-pureminer)

[CABINETRAT backdoor used by UAC-0245 for targeted cyberattacks against SOU (CERT-UA#17479)](https://cert.gov.ua/article/6285549)

[Klopatra: exposing a new Android banking trojan operation with roots in Turkey](https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey)

[Check Your Socks — A Deep Dive into soopsocks PyPI Package](https://research.jfrog.com/post/check-your-socks-a-deep-dive-into-soopsocks-pypi/)

[New spyware campaigns target privacy-conscious Android users in the UAE](https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/)

[Rhadamanthys 0.9.x — walk through the updates](https://research.checkpoint.com/2025/rhadamanthys-0-9-x-walk-through-the-updates/)

[Detour Dog: DNS Malware Powers Strela Stealer Campaigns](https://blogs.infoblox.com/threat-intelligence/detour-dog-dns-malware-powers-strela-stealer-campaigns/)

[Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks](https://bi.zone/eng/expertise/blog/cavalry-werewolf-atakuet-rossiyu-cherez-doveritelnye-otnosheniya-mezhdu-gosudarstvami/)

[Confucius Espionage: From Stealer to Backdoor](https://www.fortinet.com/blog/threat-research/confucius-espionage-from-stealer-to-backdoor)

[Zero-Day Ransomware Attack Detection Using Static Portable Executable Header Features](https://www.mdpi.com/2076-3417/15/19/10576)

[Robust Hashing for Improved CNN Performance in Image-Based Malware Detection](https://www.mdpi.com/2079-9292/14/19/3915)

[Evaluating the Robustness of a Production Malware Detection System to Transferable Adversarial Attacks](https://arxiv.org/abs/2510.01676)

[Defending against Stegomalware in Deep Neural Networks with Permutation Symmetry](https://arxiv.org/abs/2509.20399)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [newsletter](https://securityaffairs.com/182706/malware/security-affairs-malware-newsletter-round-64.html))

Related Tags:
GOLD SAHARA

Akira

PUNK SPIDER

NAICS: 54 – Professional, Scientific, Technical Services

NAICS: 334 – Computer And Electronic Product Manufacturing

NAICS: 517 – Telecommunications

NAICS: 541 – Professional, Scientific, Technical Services

NAICS: 518 – Computing Infrastructure Providers, Data Processing, Web Hosting, Related Services

NAICS: 33 – Manufacturing – Metal, Electronics And Other
