Malpedia Library

Click here to download all references as Bib-File.•

2026-03-09 ⋅ Abstract Security ⋅ Abstract Security Threat Research Organization (ASTRO)
Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains Part 2
GolangGhost PylangGhost GolangGhost

2026-03-06 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
AI as tradecraft: How threat actors operationalize AI
OtterCookie

2026-03-05 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
North Korean APT Malware Analysis: DEV#POPPER RAT and OmniStealer (Everyday I'm Shufflin')
JADESNOW

2026-03-04 ⋅ EG-FinCirt ⋅ EG-FinCirt Malware Analysis team
Remcos RAT Operations: How Attackers Gain and Maintain Control
Remcos

2026-03-03 ⋅ Google ⋅ Google Threat Intelligence Group
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit

2026-03-03 ⋅ Microsoft ⋅ Microsoft
Signed malware impersonating workplace apps deploys RMM backdoors
TrustConnect RAT

2026-02-28 ⋅ Github (cocomelonc) ⋅ cocomelonc
MacOS malware persistence 4: AutoLaunched Applications, Background Task Management (BTM). Simple C example

2026-02-26 ⋅ Lab52 ⋅ Lab52
PlugX Meeting Invitation via MSBuild and GDATA
PlugX

2026-02-26 ⋅ ⋅ Gdata ⋅ G DATA Security Lab
Free games with unexpected costs
HijackLoader

2026-02-25 ⋅ Hive Pro ⋅ Hive Pro
SANDWORM_MODE: npm Supply Chain Attack Targeting AI Development Tools

2026-02-25 ⋅ Abstract Security ⋅ Abstract Security Threat Research Organization (ASTRO)
Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains - Part 1
BeaverTail PylangGhost GolangGhost

2026-02-25 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, ANY.RUN
Tweet about KarstoRAT
KarstoRAT

2026-02-24 ⋅ BlueVoyant ⋅ Joshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS

2026-02-24 ⋅ Symantec ⋅ Threat Hunter Team
North Korean Lazarus Group Now Working With Medusa Ransomware
ComeBacker Medusa

2026-02-23 ⋅ ⋅ DisInfo ⋅ DisInfo
Technical attack, public discredit and isolation! The history of an IT company in Moldova, pushed outside the European market

2026-02-23 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SHA256 be2db69fbde37ce4b0dbd51a85cb18f78a1bfda70ef2f4ed7dcde75051f3659b (RatonRAT)
RatonRAT

2026-02-22 ⋅ Securite360.net ⋅ Muffin
OPSEC on a Budget: What BadAudio Reveals About APT24
BADAUDIO

2026-02-22 ⋅ kmsec ⋅ Kieran Miyamoto
Tracking DPRK operator IPs over time

2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-02-19 ⋅ Proofpoint ⋅ Proofpoint
(Don't) TrustConnect: It's a RAT in an RMM hat
TrustConnect RAT