Malpedia Library

Click here to download all references as Bib-File.•

2026-05-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Jungsoo An
UAT-8302 and its box full of malware
SNOWLIGHT DracuLoader FINALDRAFT SNAPPYBEE STOWAWAY VShell UAT-8302

2026-04-02 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White
UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications
UAT-10608

2026-03-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White
UAT-9244 targets South American telecommunication providers with three new malware implants
BruteEntry PeerTime TernDoor UAT-9244

2026-03-02 ⋅ Talos ⋅ Cisco Talos
Update, March 13: Talos on the developing situation in the Middle East
Tsundere APTIran

2026-02-26 ⋅ Cisco Talos ⋅ Alex Karkins, Chetan Raghuprasad
New Dohdoor malware campaign targets education and health care
DohDoor

2026-02-25 ⋅ Cisco Talos ⋅ Cisco Talos
Active exploitation of Cisco Catalyst SD-WAN by UAT-8616
UAT-8616

2026-02-10 ⋅ Cisco Talos ⋅ Aaron Boyd, Asheer Malhotra, Nick Biasini, Vitor Ventura
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
VoidLink UAT-9921

2026-01-29 ⋅ Cisco Talos ⋅ Joey Chen
Dissecting UAT-8099: New persistence mechanisms and regional focus
UAT-8099

2026-01-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-8837 targets critical infrastructure sectors in North America
Earthworm Rubeus SharpHound SharpWMI UAT-8837

2026-01-08 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7290 targets high value telecommunications infrastructure in South Asia
DriveSwitch RushDrop SilentRaid DAGGER PANDA

2025-12-23 ⋅ secpod ⋅ Santosh Sethuraman
Zero-Day Crisis: CVE-2025-20393 Unpatched on Cisco Email Gateways, Exploited by China-Linked Hackers
UAT-9686

2025-12-17 ⋅ Cisco Talos ⋅ Cisco Talos
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
UAT-9686

2025-11-12 ⋅ Amazon ⋅ CJ Moses
Amazon discovers APT exploiting Cisco and Citrix zero-days

2025-10-16 ⋅ Cisco Talos ⋅ Michael Kelley, Vanja Svajcer
BeaverTail and OtterCookie evolve with a new Javascript module
BeaverTail OtterCookie InvisibleFerret

2025-10-15 ⋅ Trend Micro ⋅ Dove Chiu, Lucien Chuang
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

2025-10-02 ⋅ Cisco Talos ⋅ Joey Chen
UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud
Cobalt Strike IISpy UAT-8099

2025-08-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill UAT-7237

2025-08-12 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Jordyn Dunk
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
PS1Bot

2025-08-04 ⋅ Beazley Security Labs ⋅ Alex Delamotte, Bobby Venal, Francisco Donoso, Jim Walter, Sam Mayers, Tell Hause
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem
PXA Stealer

2025-08-04 ⋅ Sentinel LABS ⋅ Alex Delamotte, Bobby Venal, Francisco Donoso, Jim Walter, Sam Mayers, Tell Hause
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem
PXA Stealer