THE Security Affairs Malware newsletter Round 96, written by Pierluigi Paganini and published on 10 May 2026, offers a curated collection of malware research and coverage from around the international security landscape. According to Security Affairs, the round includes items such as CloudZ RAT potentially steals OTP messages using Pheno, a backdoored PyTorch Lightning package that drops a credential stealer, and analysis on a state-sponsored Shadow behind Chaos Ransomware.
The compilation also highlights a rigged game where ScarCruft compromises a gaming platform through a supply-chain attack, and coverage of NWHStealer spread via JavaScript runtime Bun, among other pieces. It further features insights into IoT botnets like xlabs_v1, and notes from analyses such as Jenkins honeypot revealing a botnet targeting online games. The newsletter presents these stories alongside links to additional research and posts, framing a broad overview of malware threats and trends for the week.