Click here to download all references as Bib-File.•
| 2026-04-08
⋅
Black Lotus Labs
⋅
FrostArmada: All thriller, no (malware) filler |
| 2026-04-07
⋅
Microsoft
⋅
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks |
| 2026-04-07
⋅
NCSC UK
⋅
APT28 exploit routers to enable DNS hijacking operations |
| 2026-04-07
⋅
Gen Digital
⋅
Remus: Unmasking The 64-bit Variant of the Infamous Lumma Stealer Lumma Stealer Remus Tenzor |
| 2026-04-01
⋅
cocomelonc
⋅
MacOS hacking part 13: sysinfo stealer via VirusTotal API. Simple C example |
| 2026-03-31
⋅
Google
⋅
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack WAVESHAPER |
| 2026-03-30
⋅
Synthient
⋅
ProxyBox: Socks5Systemz Lives On Socks5 Systemz |
| 2026-03-26
⋅
ANY.RUN
⋅
Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud magecart |
| 2026-03-26
⋅
Rapid7
⋅
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone BPFDoor tsh |
| 2026-03-25
⋅
ANY.RUN
⋅
Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide Kamasers |
| 2026-03-23
⋅
Netomize
⋅
Detect SnappyClient C&C Traffic Using PacketSmith + Yara-X Detection Module SnappyClient |
| 2026-03-23
⋅
Sophos
⋅
NICKEL ALLEY strategy: Fake it ‘til you make it PylangGhost GolangGhost |
| 2026-03-20
⋅
Nextron Systems
⋅
RegPhantom Backdoor Threat Analysis RegPhantom |
| 2026-03-18
⋅
Google
⋅
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors GHOSTBLADE |
| 2026-03-17
⋅
Seqrite
⋅
Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency Unidentified JS 007 (Zimbra Stealer) |
| 2026-03-17
⋅
Hunt.io
⋅
Iranian Botnet Exposed via Open Directory: 15-Node Relay Network and Active C2 |
| 2026-03-17
⋅
NTT Security
⋅
StoatWaffle, malware used by WaterPlum StoatWaffle |
| 2026-03-16
⋅
Ransom-ISAC
⋅
Contagious Interview: VS Code to RAT StoatWaffle |
| 2026-03-13
⋅
Analyst’s Brief: Moonrise RAT MoonRise |
| 2026-03-13
⋅
kmsec
⋅
First instance of PylangGhost RAT observed on npm PylangGhost |