SECURITY Affairs’ Malware Newsletter Round 93, authored by Pierluigi Paganini on 19 April 2026, presents a curated collection of malware-focused articles and research from across the international landscape. The roundup features items such as CPU-Z / HWMonitor watering hole infection – a copy-pasted attack, and Fake Claude site installs malware that gives attackers access to your computer, with references to sources including Securelist and Malwarebytes.
It also highlights JANELARAT, a financial threat targeting users in Latin America, and Mirax: a new Android RAT turning infected devices into residential proxy nodes, alongside discussions of Mirax extraction pipelines and related research. Other included pieces examine QEMU abuse to evade detection and enable ransomware delivery, as well as analyses of data exfiltration and session theft linked to shared C2 infrastructure.
The newsletter underscores a broad spectrum of malware topics, from botnets and droppers to OT-focused malware, and links to related research and blogs such as Fortinet, Palo Alto Networks Unit42, Darktrace, Elastic, and others.