Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-01-28Natto ThoughtsEugenio Benincasa
Provincial Tasking, Cross-Provincial Execution: A Case-Based Look at How China Scales Cyber Operations
2026-01-15CyberArkAri Novick
UNO reverse card: stealing cookies from cookie stealers
Stealc
2026-01-14MicrosoftMicrosoft Threat Intelligence
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
2025-09-05KrollDave Truman, Marc Messer
FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook
GONEPOSTAL
2025-07-23Cato NetworksVitaly Simonovich
Cato CTRL™ Threat Research: Analyzing LAMEHUG – First Known LLM-Powered Malware with Links to APT28 (Fancy Bear)
LAMEHUG
2025-06-16Trend MicroAira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub
2025-06-03VMRayAlbert Zsigovits, VMRay
Rhadamanthys slips through in large installer files
Rhadamanthys
2025-05-16GdataKarsten Hahn
Printer company provided infected software downloads for half a year
SnipVex
2025-05-07US Department of JusticeU.S. Attorney's Officea Northern District of Oklahoma
Case 4:25-cr-00160-JDR: Indictment of Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, Aleksandr Aleksandrovich Shishkin and Dmitriy Rubtsov
TheMoon
2025-04-03Silent PushSilent Push
PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation
CryptoChameleon PoisonSeed
2025-03-28IntrinsecDavid Sardinha
From espionage to PsyOps: Tracking operations and bulletproof providers of UACs in 2025
sLoad NetSupportManager RAT Remcos SmokeLoader
2025-03-03Trend MicroAdam O'Connor, Catherine Loveria, Gabriel Cardoso, Ian Kenefick, Jack Walsh, Jovit Samaniego, Lucas Silva, Stephen Carbery
Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
Black Basta Black Basta Cactus ReedBed
2025-02-23Github (albertzsigovits)Albert Zsigovits
ToxicEye RAT config extraction and YARA signatures
ToxicEye
2025-02-13Recorded FutureInsikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor
2025-01-29GoogleConor Quigley, Luke Jenkins, Nino Isakovic
ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator
POISONPLUG ShadowPad SNAPPYBEE
2024-11-28Hunt.ioHunt.io
Uncovering Threat Actor Tactics: How Open Directories Provide Insight into XWorm Delivery Strategies
XWorm
2024-11-04CleafyAlessandro Strino, Federico Valentini, Michele Roviello
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM
ToxicPanda
2024-09-26The Wall Street JournalDustin Volz, Robert McMillan, Sarah Krouse
China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack
GhostEmperor
2024-09-20CISO SeriesSteve Prentice
Cybersecurity News: INC targets healthcare, Providence schools cyberattack, Apple iPads bricked
INC Storm-0494
2024-09-10CleafyAlessandro Strino, Michele Roviello
A new TrickMo saga: from Banking Trojan to Victim's Data Leak
TrickMo