| 2026-05-04 ⋅ Trend Micro ⋅ Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities QLNX |
| 2026-04-23 ⋅ bluecyber ⋅ MUSTANG PANDA × PLUGX - From deceptive LNK to multi-transport backdoor PlugX |
| 2026-04-23 ⋅ cocomelonc ⋅ MacOS malware persistence 10: caffeinate LOLBin. Simple C example |
| 2026-04-23 ⋅ Mandiant ⋅ Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite SNOWBASIN UNC6692 |
| 2026-04-22 ⋅ Expel ⋅ Inside Lazarus: How North Korea uses AI to industrialize attacks on developers BeaverTail OtterCookie InvisibleFerret HexagonalRodent |
| 2026-04-22 ⋅ Gen Digital Inc ⋅ When Malware Authors Study Algebra: The Group Theory Inside Bedep's DGA Bedep |
| 2026-04-21 ⋅ Trend Micro ⋅ Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories BeaverTail JADESNOW OtterCookie InvisibleFerret |
| 2026-04-18 ⋅ Github (zanez) ⋅ WannaCry Malware Analysis - How YOU Could have Saved the World WannaCryptor |
| 2026-04-18 ⋅ Hexastrike Cybersecurity ⋅ Cloned, Loaded, and Stolen: How 109 Fake GitHub Repositories Delivered SmartLoader and StealC SmartLoader Stealc |
| 2026-04-16 ⋅ Darktrace ⋅ Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems ZionSiphon |
| 2026-04-15 ⋅ Cyberdaily.au ⋅ Exclusive: Krybit hackers claim breach of New Zealand IT services provider Krybit |
| 2026-04-15 ⋅ Orange Cyberdefense ⋅ Smoking Out an Affiliate: SmokedHam, Qilin, a few Google Ads and some Bossware Qilin AgendaCrypt SMOKEDHAM |
| 2026-04-15 ⋅ Orange Cyberdefense ⋅ Smoking Out an Affiliate: SmokedHam, Qilin, a few Google ads and some bossware AgendaCrypt SMOKEDHAM |
| 2026-04-14 ⋅ RedPacket Security ⋅ [KRYBIT] – Ransomware Victim: Hacked 0APT Krybit |
| 2026-04-14 ⋅ ANY.RUN ⋅ When Trust Becomes a Weapon: Google Cloud Storage Phishing Deploying Remcos RAT Remcos |
| 2026-04-13 ⋅ Dataminr ⋅ Cyber Intel Brief: Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA) Ababil of Minab |
| 2026-04-13 ⋅ Cleafy ⋅ Mirax: a new Android RAT turning infected devices into potential residential proxy nodes Mirax |
| 2026-04-12 ⋅ cocomelonc ⋅ Mobile malware development trick 3. CPU info logger: anti-VM and anti-sandbox. Simple Android (Kotlin) example. |
| 2026-04-11 ⋅ Breakglass Intelligence ⋅ We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger RandomQuery RandomQuery |
| 2026-04-10 ⋅ Infoblox ⋅ Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers |