Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscapeMalware NewsletterSmokeLoader Rises From the Ashes Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB wormPopular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Self-replicating Shai-hulud worm spreads token-stealing malware on npm FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems Gamaredon X Turla collabPrompts as Code & Embedded Keys | The Hunt for LLM-Enabled MalwareLarge-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware Microarchitectural Malware Detection via Translation Lookaside Buffer (TLB) EventsDCmal-2025: A Novel Routing-Based DisConnectivity Malware—Development, Impact, and CountermeasuresBEACON: Behavioral Malware Classification with Large Language Model Embeddings and Deep LearningBeyond Classification: Evaluating LLMs for Fine-Grained Automatic Malware Behavior AuditingFollow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)