Malpedia Library

Click here to download all references as Bib-File.•

2026-04-23 ⋅ Mandiant ⋅ Josh Kelley, JP Glab, Muhammad Umair, Tufail Ahmed
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
SNOWBASIN UNC6692

2026-04-21 ⋅ Trend Micro ⋅ Lucas Silva
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
BeaverTail JADESNOW OtterCookie InvisibleFerret

2026-04-08 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht
Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT
ProSpy

2026-03-06 ⋅ nadsec ⋅ nadsec
Coruna: A Complete Technical Teardown
Coruna

2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-02-17 ⋅ Hunt.io ⋅ Hunt.io
Fake Homebrew Typosquats Used to Deliver Cuckoo Stealer via ClickFix

2026-02-17 ⋅ ⋅ CERT.PL ⋅ CERT.PL
ClickFix in action: how a fake captcha can encrypt an entire company
Latrodectus Supper

2026-01-28 ⋅ Accenture ⋅ Accenture Cyber Threat Intelligence
Analysis of RustyRocket – A Custom WorldLeaks Exfiltration Tool
RustyRocket

2026-01-28 ⋅ Natto Thoughts ⋅ Eugenio Benincasa
Provincial Tasking, Cross-Provincial Execution: A Case-Based Look at How China Scales Cyber Operations

2026-01-23 ⋅ BlackPoint ⋅ Jack Patrick, Sam Decker
Novel Fake CAPTCHA Chain Delivering Amatera Stealer
ACR Stealer Amatera

2026-01-19 ⋅ OpenSourceMalware ⋅ Paul McCarty
Contagious Interview gets an upgrade for 2026 - A comprehensive analysis by OpenSourceMalware
OtterCandy

2026-01-05 ⋅ HudsonRock ⋅ InfoStealers
Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk

2025-11-17 ⋅ KELA ⋅ KELA Cyber Intelligence Center
ByteToBreach: A Deep Dive into a Persistent Data Leak Operator
ByteToBreach

2025-11-13 ⋅ Trend Micro ⋅ Junestherry Dela Cruz, Sarah Pearl Camiling
Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics
Lumma Stealer Water Kurita

2025-11-05 ⋅ nviso ⋅ Maxime Thiebaut
Decoding VShell: Insights into a Chinese-Language Cyber Espionage Tool
VShell

2025-11-02 ⋅ Symantec ⋅ Broadcom, Symantec
Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM
Agent Tesla

2025-10-31 ⋅ Expel ⋅ AARON WALTON
Certified OysterLoader: Tracking Rhysida ransomware gang activity via code-signing certificates
Broomstick

2025-10-21 ⋅ Trend Micro ⋅ Junestherry Dela Cruz
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
Vidar

2025-10-16 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
Lumma Stealer Water Kurita

2025-09-26 ⋅ Arctic Wolf ⋅ Arctic Wolf
Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less
Akira Akira