Malpedia Library

Click here to download all references as Bib-File.•

2026-05-31 ⋅ Socket ⋅ Kirill Boychenko
Famous Chollima Targets PHP Developers Through Compromised Packagist Package
JADESNOW

2026-05-26 ⋅ Intrinsec ⋅ CTI Intrinsec, David Sardinha
Pivoting on a malspam infrastructure delivering JS malware backed by bulletproof networks

2026-05-24 ⋅ cocomelonc ⋅ cocomelonc
Malware shellcode delivery via signal - part 1. FSK Basics. Simple python script

2026-05-22 ⋅ Check Point ⋅ Checkpoint Research
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
MiniFast

2026-05-22 ⋅ Trend Micro ⋅ Kazuki Fujisawa
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
BeaverTail InvisibleFerret

2026-05-21 ⋅ PWC ⋅ PwC Threat Intelligence
Inside Red Lamassu’s JFMBackdoor
JFMBackdoor Calypso

2026-05-20 ⋅ K7 Security ⋅ Srinivasan E
Fake Microsoft Teams download sites are being used to deliver ValleyRAT via DLL sideloading
ValleyRAT

2026-05-17 ⋅ Github (zanez) ⋅ Irvin Martínez González
Analysis on Malware that attacks Israel's Water treatment facilities
ZionSiphon

2026-05-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Kazuar: Anatomy of a nation-state botnet
Kazuar

2026-05-13 ⋅ Check Point Research ⋅ Checkpoint Research
THUS SPOKE…THE GENTLEMEN
Gentlemen

2026-05-13 ⋅ 0x3oBAD ⋅ Abdullah Islam
MustangPanda New Backdoor LotusLite
LOTUSLITE

2026-05-11 ⋅ pcrisk
Tweet about Lalia Ransomware
Lalia Ransomware

2026-05-11 ⋅ urlscan.io ⋅ urlscan.io
Darcula aka. "Magic Cat"

2026-05-11 ⋅ ThreatFabric ⋅ ThreatFabric
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
TrickMo

2026-05-07 ⋅ Netskope ⋅ Vini Egerland
OpenClaw hologram: Fake installer ships Rust Infostealer
Vidar

2026-05-07 ⋅ R136a1 ⋅ Dominik Reichel
Where Have All the Complex Windows Malware and Their Analyses Gone?

2026-05-06 ⋅ Elastic ⋅ Daniel Stepanic, Jia Yu Chan, Seth Goodwin, Terrance DeJesus
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
TCLBANKER

2026-05-05 ⋅ ANY.RUN ⋅ ANY.RUN
New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know

2026-05-05 ⋅ OpenSourceMalware ⋅ OpenSourceMalware
Lazarus Group Uses Git Hooks To Hide Malware
BeaverTail InvisibleFerret

2026-05-04 ⋅ BlueVoyant ⋅ Joshua Green, Thomas Elkins
Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor
Lorem Ipsum