Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscapeMalware Newsletter9 Malicious NuGet Packages Deliver Time-Delayed Destructive PayloadsGlassWorm Returns: New Wave Strikes as We Expose Attacker InfrastructureGootloader Returns: What Goodies Did They Bring?Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages DanaBot malware is back to infecting Windows after 6-month breakPhishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and CustomersQ3 2025 Ransomware ReportLazarus Group targets Aerospace and Defense with new Comebacker variantFantasy Hub: Another Russian Based RAT as M-a-a-S The Great Indonesian TEA Theft: Analyzing a NPM Spam CampaignContagious Interview Actors Now Utilize JSON Storage Services for Malware DeliveryUnleashing the Kraken ransomware group Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover Pack-A-Mal: A Malware Analysis Framework for Open-Source PackagesExploiting Data Structures for Bypassing and Crashing Anti-Malware Solutions via Telemetry Complexity AttacksMalRefiner: Recovering Malware Semantics via Reinforcement Learning-Based Semantic NOP RemovalIntegrated Analysis of Malicious Software: Insights from Static and Dynamic PerspectivesFollow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)