Malpedia Library

Click here to download all references as Bib-File.•

2025-09-23 ⋅ Zscaler ⋅ Zscaler
YiBackdoor: A New Malware Family With Links to IcedID and Latrodectus
YiBackdoor

2025-09-22 ⋅ EclecticIQ ⋅ Arda Büyükkaya
ShinyHunters Calling: Financially Motivated Data Extortion Group Targeting Enterprise Cloud Applications

2025-09-18 ⋅ Hunt.io ⋅ Hunt.io
Tracking AsyncRAT via Trojanized ScreenConnect and Open Directories
AsyncRAT

2025-09-16 ⋅ Wiz.io ⋅ Barak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud

2025-09-16 ⋅ Proofpoint ⋅ Greg Lesnewich, Mark Kelly, Nick Attfield, Proofpoint Threat Research Team
Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels

2025-09-16 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
Deniability by Design: DNS-Driven Insights into a Malicious Ad Network

2025-09-16 ⋅ Sekoia ⋅ Amaury G., Charles M., Sekoia TDR
APT28 Operation Phantom Net Voxel
BEARDSHELL GRUNT SLIMAGENT

2025-09-16 ⋅ Reverse The Malware ⋅ Diyar Saadi
Analyze a Malicious Prompt Generator.

2025-09-15 ⋅ Huntress Labs ⋅ Chad Hudson, Michael Elford
Huntress Threat Advisory: The Dangers of Storing Unencrypted Passwords
Akira

2025-09-15 ⋅ Zscalar ⋅ ThreatLabZ research team
SmokeLoader Rises From the Ashes
SmokeLoader

2025-09-12 ⋅ Medium (@zyadlzyatsoc) ⋅ Zyad Elzyat
XWorm Malware Analysis: SOC & IR Perspective on Persistence, C2, and Anti-Analysis Tactics
XWorm

2025-09-11 ⋅ IBM X-Force ⋅ Golo Mühr, Joshua Chung
Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm
PUBLOAD SnakeDisk TONESHELL Yokai

2025-09-11 ⋅ Trend Micro ⋅ Armando Nathaniel Pedragoza, Emmanuel Panopio, Emmanuel Roll, Jeffrey Francis Bonaobra, Joshua Aquino, Joshua Lijandro Tsang, Marco Dela Vega, Melvin Singwa, Mohammed Malubay
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
TamperedChef

2025-09-11 ⋅ DataBreaches.net ⋅ Dissent
Going Dark: ShinyHunters/ScatteredSpider/LAPSUS$ Say Goodbye (2)

2025-09-10 ⋅ Zscaler ⋅ Muhammed Irfan V A
Technical Analysis of kkRAT
kkRAT

2025-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ Itay Cohen, Ofek Lahiani
AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks
AdaptixC2

2025-09-09 ⋅ S2W Inc. ⋅ S2W TALON
Kimsuky’s Use of GitHub for Malware Delivery and Exfiltration
RandomQuery

2025-09-09 ⋅ Huntress Labs ⋅ Jamie Levy, Lindsey O'Donnell-Welch, Michael Tigges
How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations

2025-09-09 ⋅ ThreatFabric ⋅ ThreatFabric
The Rise of RatOn: From NFC heists to remote control and ATS
RatOn

2025-09-08 ⋅ Fortinet ⋅ Yurren Wan
MostereRAT Deployed AnyDesk/TightVNC for Covert Full Access
MostereRAT