A recent malware newsletter highlights several notable threats, including the CloudZ RAT, which can potentially steal one-time password messages using the Pheno plugin. Additionally, a backdoored version of the PyTorch Lightning package has been discovered, dropping a credential stealer. State-sponsored actors are also implicated in various attacks, such as the supply-chain compromise of a gaming platform by ScarCruft and the use of Chaos Ransomware. Furthermore, attackers are leveraging the JavaScript runtime Bun to spread the NWHStealer malware. The exposure of the xlabs_v1 DDoS-for-Hire IoT botnet also poses significant concerns [1]. These developments underscore the increasing sophistication and geopolitical implications of malware threats, which extend beyond immediate targets to pose broader risks. For practitioners, what matters is that state-aligned threat activity raises the stakes from mere criminality to geopolitical consequences.
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96
⚡ High Priority
Why This Matters
State-aligned threat activity raises the calculus from criminal to geopolitical — implications extend beyond the immediate target.
References
- SecurityAffairs. (2026, May 10). SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96. *SecurityAffairs*. https://securityaffairs.com/191911/malware/security-affairs-malware-newsletter-round-96.html