Malpedia Library

Click here to download all references as Bib-File.•

2026-05-18 ⋅ Zynap ⋅ Oscar Gallego
Zynap’s Next-Gen Sandbox Redefines Automatic Malware Analysis
Black Basta HijackLoader

2026-05-18 ⋅ Gen Threat Labs ⋅ Gen Threat Labs
X.com - Gen Threat Labs - AuraStealer (version 1.8.0)
Aura Stealer

2026-05-17 ⋅ Github (zanez) ⋅ Irvin Martínez González
Analysis on Malware that attacks Israel's Water treatment facilities
ZionSiphon

2026-05-14 ⋅ ESET Research ⋅ ESET Research
FrostyNeighbor: Fresh mischief and digital shenanigans
Cobalt Strike PicassoLoader

2026-05-14 ⋅ ANY.RUN ⋅ Moises Cerqueira
LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
Agent Tesla

2026-05-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Kazuar: Anatomy of a nation-state botnet
Kazuar

2026-05-11 ⋅ pcrisk
Tweet about Lalia Ransomware
Lalia Ransomware

2026-05-11 ⋅ urlscan.io ⋅ urlscan.io
Darcula aka. "Magic Cat"

2026-05-11 ⋅ ThreatFabric ⋅ ThreatFabric
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
TrickMo

2026-05-07 ⋅ Netskope ⋅ Vini Egerland
OpenClaw hologram: Fake installer ships Rust Infostealer
Vidar

2026-05-07 ⋅ R136a1 ⋅ Dominik Reichel
Where Have All the Complex Windows Malware and Their Analyses Gone?

2026-05-06 ⋅ Elastic ⋅ Daniel Stepanic, Jia Yu Chan, Seth Goodwin, Terrance DeJesus
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook

2026-05-05 ⋅ EG-FinCirt ⋅ EG-FinCirt Malware Analysis team
Payload Ransomware: In-depth technical analysis
Payload

2026-05-05 ⋅ ANY.RUN ⋅ ANY.RUN
New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know

2026-05-05 ⋅ Red Asgard ⋅ Red Asgard
Hunting Lazarus Part VII: The Server That Was Not Just FTP
BeaverTail OtterCookie

2026-05-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Jungsoo An
UAT-8302 and its box full of malware
SNOWLIGHT DracuLoader FINALDRAFT SNAPPYBEE STOWAWAY VShell UAT-8302

2026-05-05 ⋅ OpenSourceMalware ⋅ OpenSourceMalware
Lazarus Group Uses Git Hooks To Hide Malware
BeaverTail InvisibleFerret

2026-05-04 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
QLNX

2026-05-03 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski
Multi-stage malware delivery campaign using SEO poisoning and serverless infrastructure
AMOS

2026-05-01 ⋅ kmsec ⋅ Kieran Miyamoto
North Korea's abuse of Cloudflare Workers and Pages
PylangGhost