Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscapeMalware NewsletterGhost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives in memoryFast and Furious – Nimbus Manticore Operations During the Iranian ConflictTracking Iranian APT Screening Serpens’ 2026 Espionage CampaignsExploitation of KnowledgeDeliver via ViewState Deserialization VulnerabilityIntroducing Showboat: A new malware family taunts defenses and targets international telecom firmsLaravel Lang Compromised with RCE Backdoor Across 700+ Versions Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting BotnetMalware-Slop: New Malicious npm Package Leaks Its Own GitHub Private Token Grandoreiro Malware Campaign Targets Europe and Latin America FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch The History of Fileless Malware – Looking Beyond the BuzzwordBTMOB: A stealthy RAT burrowing deep into Android devices Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning EvaluationSEED: Semi-supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDgetHybrid Intelligent Detection Approach for Android Malware Using Gradient-Boosting Tree Ensembles and Correlation–Differential Evolution Feature SelectionSelf-Organizing Neural Grove for Malware Detection in IoT Edge DevicesFollow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)