Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

- [TikTok videos continue to push infostealers in ClickFix attacks](https://www.bleepingcomputer.com/news/security/tiktok-videos-continue-to-push-infostealers-in-clickfix-attacks/)
- [131 Spamware Extensions Targeting WhatsApp Flood Chrome Web Store](https://socket.dev/blog/131-spamware-extensions-targeting-whatsapp-flood-chrome-web-store)
- [Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion](https://www.darktrace.com/blog/salty-much-darktraces-view-on-a-recent-salt-typhoon-intrusion)
- [Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing](https://www.trendmicro.com/en_us/research/25/j/the-impact-of-water-kurita-lumma-stealer-doxxing.html)
- [To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER](https://cloud.google.com/blog/topics/threat-intelligence/new-malware-russia-coldriver/)
- [Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys](https://socket.dev/blog/malicious-nuget-packages-typosquat-nethereum-to-exfiltrate-wallet-keys)
- [GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace](https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace)
- [PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation](https://www.sentinelone.com/labs/phantomcaptcha-multi-stage-websocket-rat-targets-ukraine-in-single-day-spearphishing-operation/)
- [Gotta fly: Lazarus targets the UAV sector](https://www.welivesecurity.com/en/eset-research/gotta-fly-lazarus-targets-uav-sector/)
- [Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities](https://www.trendmicro.com/en_us/research/25/j/how-vidar-stealer-2-upgrades-infostealer-capabilities.html)
- [StealthServer: A Dual-Platform Backdoor from a South Asian APT Group](https://blog.xlab.qianxin.com/apt-stealthserver-en/)
- [Dissecting YouTube’s Malware Distribution Network](https://research.checkpoint.com/2025/youtube-ghost-network/) (October 23, 2025)
- [NeuPerm: Disrupting Malware Hidden in Neural Network Parameters by Leveraging Permutation Symmetry](https://arxiv.org/abs/2510.20367)
- [ThreatIntel-Andro: Expert-Verified Benchmarking for Robust Android Malware Research](https://arxiv.org/abs/2510.16835)
- [Innovative Method for Detecting Malware by Analysing API Request Sequences Based on a Hybrid Recurrent Neural Network for Applied Forensic Auditing](https://www.mdpi.com/2571-5577/8/5/156)
- [Decentralized Federated Learning for IoT Malware Detection at the Multi-Access Edge: A Two-Tier, Privacy-Preserving Design](https://www.mdpi.com/1999-5903/17/10/475)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, newsletter)

Related Tags:
LummaStealer
Salt Typhoon
Star Blizzard
TA446
COLDRIVER
Callisto Group
SEABORGIUM
NAICS: 54 – Professional, Scientific, Technical Services
NAICS: 334 – Computer And Electronic Product Manufacturing