Malpedia Library

Click here to download all references as Bib-File.•

2025-12-08 ⋅ Swisscom B2B CSIRT ⋅ Matthieu Gras, Swisscom B2B CSIRT
Swisscom B2B CSIRT - TDR Intel Brief: Unmasking Amadey 5
Amadey

2025-12-04 ⋅ CrowdStrike ⋅ CrowdStrike Counter Adversary Operations
Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary
BRICKSTORM

2025-12-02 ⋅ ⋅ Positive Technologies ⋅ Igor Shiryaev, Kirill Navoshchik, Maxim Shamanov, Stanislav Pyzhov, Vladislav Lunin
(Ex)Cobalt. A review of the group's tools in attacks for 2024-2025

2025-11-26 ⋅ CERT-FR ⋅ CERT-FR
Mobile phones: Threat landscape since 2015

2025-11-24 ⋅ ⋅ ISH Tecnologia ⋅ Caique Barqueta, Ícaro César
Analysis of the WhatsWorm Campaign leading to the implementation of the Eternity Stealer.

2025-11-22 ⋅ Synaptic Security ⋅ Robin Dost
Inside Gamaredon 2025: Zero-Click Espionage at Scale
PteroGraphin Pteranodon

2025-11-21 ⋅ K7 Security ⋅ Dhanush, Srinivasan E
Brazilian Campaign: Spreading the Malware via WhatsApp

2025-11-20 ⋅ Validin ⋅ Validin
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent

2025-11-20 ⋅ Google ⋅ Dan Perez, Harsh Parashar, Tierra Duncan
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
BADAUDIO Cobalt Strike

2025-11-20 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON
A Pain in the Mist: Navigating Operation DreamJob’s arsenal
BURNBOOK MISTPEN

2025-11-20 ⋅ ThreatFabric ⋅ ThreatFabric
Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption
Sturnus

2025-11-19 ⋅ Amazon ⋅ CJ Moses
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare

2025-11-19 ⋅ Spamhaus ⋅ Jonas Arnold
The anatomy of bulletproof hosting – past, present, future

2025-11-19 ⋅ SecurityScorecard ⋅ Gilad Friedenreich Maizles, Marty Kareem
Thousands of ASUS Routers Hijacked in Global Operation “WrtHug” in a Suspected China-Backed Campaign

2025-11-19 ⋅ ESET Research ⋅ Dávid Gábriš, Facundo Muñoz
PlushDaemon compromises network devices for adversary-in-the-middle attacks
EdgeStepper LittleDaemon

2025-11-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack against an educational institution in eastern Ukraine using the GAMYBEAR software tool (CERT-UA#18329)
GAMYBEAR

2025-11-17 ⋅ 0x0d4y ⋅ 0x0d4y
Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea
ScoringMathTea

2025-11-15 ⋅ Elastic ⋅ Jia Yu Chan, Salim Bitam
RONINGLOADER: DragonBreath’s New Path to PPL Abuse
DragonBreath RONINGLOADER

2025-11-14 ⋅ The Record ⋅ Jonathan Greig
Multiple US citizens plead guilty to helping North Korean IT workers earn $2 million

2025-11-13 ⋅ Politie NL ⋅ Politie NL
Again criminal infrastructure dismantled in international ransomware operation
Rhadamanthys Venom RAT