Over 4,000 legacy routers have been compromised by the AryStinger malware, transforming them into attack proxies for hackers worldwide. This campaign highlights the ongoing threat of outdated devices being exploited for malicious purposes. Additionally, a VBScript campaign has been identified, utilizing WhatsApp as a distribution channel to deploy remote monitoring and management software. Researchers have also analyzed a new loader responsible for distributing the CASTLESTEALER malware, which is designed to evade detection. A recent supply chain compromise has targeted the ShapedPlugin, resulting in the distribution of backdoored plugins through official channels1. These developments underscore the importance of staying informed about emerging threats in order to maintain effective defenses. So what matters to practitioners is that awareness of these threats is crucial to preventing exploitation and mitigating potential damage.
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103
⚡ High Priority
Why This Matters
Security developments continue reshaping the threat landscape — staying informed is the first line of defense.
References
- SecurityAffairs. (2026, June 28). SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103. SecurityAffairs. https://securityaffairs.com/194383/malware/security-affairs-malware-newsletter-round-103.html
Original Source
SecurityAffairs
Read original →