Malpedia Library

Click here to download all references as Bib-File.•

2026-05-04 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
QLNX

2026-04-30 ⋅ Kaspersky ⋅ Anna Lazaricheva, Anton Kargin, Victoria Vlasova, Vladimir Gursky
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
ABCDoor

2026-04-23 ⋅ bluecyber ⋅ Son Vu
MUSTANG PANDA × PLUGX - From deceptive LNK to multi-transport backdoor
PlugX

2026-04-23 ⋅ cocomelonc ⋅ cocomelonc
MacOS malware persistence 10: caffeinate LOLBin. Simple C example

2026-04-22 ⋅ Expel ⋅ Marcus Hutchins
Inside Lazarus: How North Korea uses AI to industrialize attacks on developers
BeaverTail OtterCookie InvisibleFerret HexagonalRodent

2026-04-18 ⋅ Github (zanez) ⋅ Irvin Martínez González
WannaCry Malware Analysis - How YOU Could have Saved the World
WannaCryptor

2026-04-18 ⋅ Hexastrike Cybersecurity ⋅ Maurice Fielenbach
Cloned, Loaded, and Stolen: How 109 Fake GitHub Repositories Delivered SmartLoader and StealC
SmartLoader Stealc

2026-04-16 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, GridGuardGhoul
Tweet about SpankRat
SpankRAT

2026-04-16 ⋅ Darktrace ⋅ Calum Hall, Ryan Traill
Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems
ZionSiphon

2026-04-15 ⋅ Cyberdaily.au ⋅ David Hollingworth
Exclusive: Krybit hackers claim breach of New Zealand IT services provider
Krybit

2026-04-14 ⋅ RedPacket Security ⋅ RedPacket Security
[KRYBIT] – Ransomware Victim: Hacked 0APT
Krybit

2026-04-13 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, khr0x
Tweet about HanGhost

2026-04-13 ⋅ Dataminr ⋅ Tim Miller
Cyber Intel Brief: Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA)
Ababil of Minab

2026-04-10 ⋅ Infoblox ⋅ Chong Lua Dao, Infoblox Threat Intel
Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers

2026-04-08 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht
Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT
ProSpy

2026-04-08 ⋅ Black Lotus Labs ⋅ Danny Adamitis, Ryan English
FrostArmada: All thriller, no (malware) filler

2026-04-07 ⋅ Talos Intelligence ⋅ Ashley Shen
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
LucidKnight LucidPawn LucidRook UAT-10362

2026-04-07 ⋅ RedPacket Security ⋅ RedPacket Security
[KRYBIT] – Ransomware Victim: fraper[.]com
Krybit

2026-04-07 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

2026-04-07 ⋅ IC3 ⋅ CISA, CNMF, Department of Energy (DOE), EPA, FBI, NSA
AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure