Malpedia Library

Click here to download all references as Bib-File.•

2025-12-21 ⋅ Genians ⋅ Genians
Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks
RokRAT

2025-12-18 ⋅ safebreach ⋅ Tomer Bar
Prince of Persia: A decade of Iranian Nation State APT Campaign Activity
Infy Tonnerre

2025-12-18 ⋅ ESET Research ⋅ Anton Cherepanov, Peter Strýček
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
NosyDownloader

2025-12-18 ⋅ Cyderes ⋅ Rahul Ramesh
From Loader to Looter: ACR Stealer Rides on Upgraded CountLoader
ACR Stealer CountLoader

2025-12-18 ⋅ BlackPoint ⋅ Nevan Beal, Sam Decker
New MintsLoader Variant Using Hashtable Obfuscation
MintsLoader

2025-12-17 ⋅ Recorded Future ⋅ Insikt Group
BlueDelta’s Persistent Campaign Against UKR.NET

2025-12-16 ⋅ R3dy's Blog ⋅ Paul Viard
Gozi Gozi Gozi - String Decryption
Gozi ISFB

2025-12-16 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2
EtherRAT

2025-12-15 ⋅ StrikeReady ⋅ StrikeReady Labs
Russian APT actor phishes the Baltics and the Balkans

2025-12-15 ⋅ Amazon ⋅ CJ Moses
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure

2025-12-15 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
French Interior Ministry confirms cyberattack on email servers

2025-12-12 ⋅ ⋅ Tagesschau ⋅ Markus Sambale, Philipp Eckstein
German government summons Russian ambassador

2025-12-11 ⋅ Trend Micro ⋅ Daniel Lunghi, Feike Hacquebord, Ian Kenefick
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
ROMCOM RAT

2025-12-11 ⋅ Malwarebytes ⋅ Pieter Arntz
Another Chrome zero-day under attack: update now

2025-12-10 ⋅ The Record ⋅ Jonathan Greig
DOJ, CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure

2025-12-10 ⋅ Check Point Research ⋅ Check Point Research, Jiří Vinopal
Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits
ValleyRAT

2025-12-10 ⋅ Trend Micro ⋅ Ashish Verma, Deep Patel, Jack Walsh, Lucas Silva, Peter Girnus
CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation

2025-12-10 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
Lifting the Shadow: APT-C-35’s Living Web Footprint

2025-12-10 ⋅ zimperium ⋅ Vishnu Pratapagiri
Total Takeover: DroidLock Hijacks Your Device
DroidLock

2025-12-10 ⋅ Netresec ⋅ Erik Hjelmvik
Latrodectus BackConnect
IcedID Keyhole Latrodectus