Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-05-04BlueVoyantJoshua Green, Thomas Elkins
Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor
Lorem Ipsum
2026-04-23MandiantJosh Kelley, JP Glab, Muhammad Umair, Tufail Ahmed
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
SNOWBASIN UNC6692
2026-04-01YouTube (Mandiant)Josh Stroschein, Pierre-Marc Bureau
EP24 The Glupteba Takedown: What Happens When Botnet Operators Show Up in Court with Pierre-Marc Bureau
Glupteba
2026-02-24BlueVoyantJoshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS
2025-09-24GoogleAshley Pearson, Austin Larsen, BRAD SLAYBAUGH, Doug Bienstock, Geoff Carstairs, John Wolfram, Josh Madeley, Josh Murchie, Matt Lin, Sarah Yoder
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
BRICKSTORM
2025-09-11IBM X-ForceGolo Mühr, Joshua Chung
Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm
PUBLOAD SnakeDisk TONESHELL Yokai
2025-09-11Trend MicroArmando Nathaniel Pedragoza, Emmanuel Panopio, Emmanuel Roll, Jeffrey Francis Bonaobra, Joshua Aquino, Joshua Lijandro Tsang, Marco Dela Vega, Melvin Singwa, Mohammed Malubay
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
TamperedChef
2025-07-28Invoke REJosh Reynolds
Scavenger Malware Distributed via num2words PyPI Supply Chain Compromise
Scavenger
2025-07-20Invoke REcyb3rjerry, Josh Reynolds
Scavenger Malware Distributed via eslint-config-prettier NPM Package Supply Chain Compromise
Scavenger
2025-07-20Invoke REcyb3rjerry, Josh Reynolds
Install Linters, Get Malware - DevSecOps Speedrun Edition
Scavenger
2025-07-16MandiantDimiter Andonov, Josh Goddard, Zander Work
Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
UNC6148
2025-04-22VolexityCharlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-04-17ProofpointGreg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue
2025-04-03MandiantJacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-02-28Medium walmartglobaltechJoshua Platt
Agent AI, Basta Parser Extraordinaire
Black Basta Black Basta
2025-01-20Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393
2024-12-19SophosColin Cowie, Jordon Olness, Joshua Rawles, Mark Parsons, Sean Gallagher
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
FlowerStorm
2024-09-05IntegoJoshua Long
New macOS malware HZ RAT gives attackers backdoor access to Macs
HZ RAT
2024-08-29GoogleClement Lecigne, Josh Atkins, Luke Jenkins
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
ANDROSNATCH Unidentified APK 009 (Chrome Recon) COOKIESNATCH VALIDVICTOR
2024-08-19AonDaniel Stein, Joshua Pivirotto, Stroz Friedberg, Zachary Reichert
Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules
sedexp