EVOLUTION OF MALWARE TACTICS IN 2025-2026: AI-DRIVEN THREATS, SUPPLY CHAIN VULNERABILITIES, AND MEMORY-BASED DETECTION

Special Issue - Innovative Commerce: Bridging Business and Computer Applications (ICBBCA-2026) |PG Department of Commerce with Computer Applications, Mannar Thirumalai Naicker College, Madurai – March 2026| International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)

Abstract

The cybersecurity threat landscape has undergone significant transformation in 2025-2026, characterized by the integration of artificial intelligence across the attack lifecycle and the exploitation of software supply chains. This paper presents a comprehensive analysis of contemporary malware tactics, detection methodologies, and defense strategies based on recent industry reports and academic research. We examine the role of AI as a force multiplier in social engineering, reconnaissance, and malware development, alongside the fragmentation of ransomware operations toward decentralized models. The paper investigates supply chain vulnerabilities in open-source ecosystems, particularly the PyPI repository, and evaluates machine learning-based detection frameworks including DySec, which achieves 96% accuracy in identifying malicious packages. Furthermore, we analyze memory forensics approaches enhanced by large language models for interpretable threat hunting and indicator extraction. Our findings indicate that modern malware defense requires hybrid approaches combining static, dynamic, and memory-based analysis, with explainable AI playing an increasingly critical role in analyst workflow efficiency.

References

1. S. Khan, H. Raza, and M. Alam, "AI-Driven Malware Analysis and Detection: A Comprehensive Survey of Techniques, Trends and Challenges," Journal of Informatics and Web Engineering, vol. 5, no. 1, pp. 106–129, Feb. 2026. doi: 10.33093/jiwe.2026.5.1.7.
2. Check Point Research, "Cyber Security Report 2026," Check Point Software Technologies, Tel Aviv, Israel, Jan. 2026. [Online]. Available: https://research.checkpoint.com/2026/cyber-security-report-2026/
3. S. T. Mehedi, C. Islam, G. Ramachandran, and R. Jurdak, "DySec: A Machine Learning-based Dynamic Analysis for Detecting Malicious Packages in PyPI Ecosystem," IEEE Transactions on Information Forensics and Security, vol. 21, pp. 6–1331, Feb. 2026. doi: 10.1109/TIFS.2026.3654388.
4. S. L. Sanna, D. Maiorca, and G. Giacinto, "An Explainable Memory Forensics Approach for Malware Analysis," arXiv preprint arXiv:2602.19831, Feb. 2026. [Online]. Available: https://arxiv.org/abs/2602.1983
5. U. Prasad and A. Chawla, "A Unified Evaluation of Learning-Based Similarity Techniques for Malware Detection," arXiv preprint arXiv:2602.15376, Feb. 2026. [Online]. Available: https://arxiv.org/abs/2602.15376
6. K. Aryal et al., "Robustness and Adversarial Resilience for Malware ML," University of Nebraska Omaha, Omaha, NE, USA, 2026. [Online]. Available: https://www.unomaha.edu/college-of-information-science-and-technology/research-labs/collaboratoriums/cybersecurity.php
7. H. Manthena, S. Shajarian, J. Kimmell, M. Abdelsalam, S. Khorsandroo, and M. Gupta, "Explainable Artificial Intelligence (XAI) for malware analysis: A survey of techniques, applications, and open challenges," IEEE Access, vol. 13, pp. 61611-61640, 2025. doi: 10.1109/access.2025.3555926.
8. VMRay Labs, "December 2025 - January 2026 Detection Highlights: 12 new VTIs, 65+ YARA rules, and more config extractors," VMRay, Bochum, Germany, Feb. 2026. [Online]. Available: https://www.vmray.com/december-2025-january-2026-detection-highlights12-new-vtis-65-yara-rules-and-more-config-extractors/
9. A. Djenna, A. Bouridane, S. Rubab, and I. Marou, "Artificial intelligence-based malware detection, analysis, and mitigation," Symmetry, vol. 15, no. 3, pp. 677, 2023. doi: 10.3390/sym15030677.
10. R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, and S. Venkatraman, "Robust intelligent malware detection using deep learning," IEEE Access, vol. 7, pp. 46717-46738, 2019. doi: 10.1109/ACCESS.2019.2906934.

Keywords

Malware analysis; artificial intelligence; supply chain security; memory forensics; machine learning detection; ransomware evolution.