Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscapeMalware NewsletterMore Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers A VBScript campaign distributed through WhatsApp deploying RMM software Lost in relocation: analysis of a new loader distributing CASTLESTEALER PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official ChannelsFrom PostCSS Masquerading to Windows RAT Prinz Eugen ransomware: a deep dive into a new Go-based encryptorFrom package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker ESET takes part in Operation Endgame to disrupt Amadey and Stealc StealC you later: Proofpoint and IBM X-Force support Operation Endgame disruptions Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox Miasma Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure DroidBreaker: Practical and Functional Problem-Space Attacks on Machine-Learning Android Malware DetectorsBurnyard: Future of Malware AnalysisConsistent and Compatible Modelling of Cyber Intrusions and Incident Response Demonstrated in the Context of Malware Attacks on Critical InfrastructureAn Explainable Hybrid Pipeline for Malware Classification: Benchmark Construction, Feature Reduction, and Security-Oriented EvaluationFollow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)