Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-06-30JFrog SecurityYair Benamou
Lazarus-Linked npm Malware Masquerades as Rollup Polyfills
2026-06-29The DFIR ReportAhmed Farouk, Angelo Violetti, Dino, Jake, Mattison Schuch, Renzon Cruz
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Akira AdaptixC2 Akira BumbleBee
2026-06-29BlackPointNevan Beal, Sam Decker
A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain
2026-06-24BitSightBitsight TRACE
Amadey and StealC: Malware-as-a-Service Unavailable
Amadey Stealc
2026-06-24JFrog SecurityGuy Korolevski, Yair Benamou
Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer
JADESNOW
2026-06-24EuropolEuropol
Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks
FAKEUPDATES Amadey Stealc
2026-06-23Sentinel LABSPhil Stokes
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
Gaslight
2026-06-23abuse.chabuse.ch
MalwareBazaar | SolarisLoader
SolarisLoader
2026-06-22Melted in HexMelted in Hex
Dead Drops on the Blockchain: Reversing a DPRK npm Loader (PolinRider / A6-Shadow-15)
JADESNOW
2026-06-22K7 SecurityHarihara Sudhan
A Multi-Stage Steganographic Loader Campaign Deploying Diverse Payloads Globally
Remcos
2026-06-22JFrog SecurityYair Benamou
From PostCSS Masquerading to Windows RAT
PylangGhost
2026-06-19ElasticDaniel Stepanic
Lost in relocation: analysis of a new loader distributing CASTLESTEALER
CASTLESTEALER
2026-06-18Gen DigitalVojtěch Krejsa
Inside Vidar’s ABE Bypass: From Memory Scanning to APC Injections
Vidar
2026-06-18Daniel Stepanic, Jia Yu Chan
Lost in relocation: analysis of a new loader distributing CASTLESTEALER
oxloader
2026-06-18Qurium
Finding “Popa”: When Your Smart TV Stops Being Yours
BADBOX
2026-06-18Politie NLPolitie NL
International law enforcement initiate hunt on malware group SocGholish
FAKEUPDATES
2026-06-17Rapid7Anna Širokova
Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chain
Unidentified 125 (RAT, Dropping Elephant)
2026-06-17MicrosoftMicrosoft Defender Research Team
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
2026-06-17TechRepublicKezia Jungco
Ozempic Maker Novo Nordisk Confirms Security Incident After $25M Hacker Demand
FulcrumSec
2026-06-17juliangrtz.meJulian Goeritz
I Installed a Fake Resident Evil Mod and Got Pwnd