Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-05-21PWCPwC Threat Intelligence
Inside Red Lamassu’s JFMBackdoor
JFMBackdoor Calypso
2026-05-18Gen Threat LabsGen Threat Labs
X.com - Gen Threat Labs - AuraStealer (version 1.8.0)
Aura Stealer
2026-05-14MicrosoftMicrosoft Threat Intelligence
Kazuar: Anatomy of a nation-state botnet
Kazuar
2026-04-10InfobloxChong Lua Dao, Infoblox Threat Intel
Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers
2026-04-09F6F6
Eastern Signature: Investigating a Cyberattack by an Asian Threat Group
ShadowPad
2026-04-07MicrosoftMicrosoft Threat Intelligence
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
2026-04-01SOC PrimeDaryna Olyniychuk
UAC-0255 Attack Detection: Threat Actors Impersonate CERT-UA to Infect Ukrainian Public and Private Sector Organizations With AGEWHEEZE RAT
AGEWHEEZE Cyber Serp
2026-03-31GoogleAdrian Hernandez, Ashley Zaya, Austin Larsen, Christopher Gardner, Dima Lenz, Michael Rudden, Mon Liclican, Tyler McLellan
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER
2026-03-23SophosSophos Counter Threat Unit Research Team
NICKEL ALLEY strategy: Fake it ‘til you make it
PylangGhost GolangGhost Nickel Alley
2026-03-20Nextron SystemsPezier Pierre-Henri
RegPhantom Backdoor Threat Analysis
RegPhantom
2026-03-18GoogleGoogle Threat Intelligence Group
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
GHOSTBLADE UNC6748
2026-03-18GoogleGoogle Threat Intelligence Group
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
GHOSTBLADE
2026-03-12MicrosoftMicrosoft Threat Intelligence
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
Storm-2561
2026-03-09Abstract SecurityAbstract Security Threat Research Organization (ASTRO)
Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains Part 2
GolangGhost PylangGhost GolangGhost
2026-03-07OpenSourceMalwareOpenSourceMalware
PolinRider: DPRK Threat Actor Implants Malware in Hundreds of GitHub Repos
JADESNOW
2026-03-06MicrosoftMicrosoft Threat Intelligence
AI as tradecraft: How threat actors operationalize AI
OtterCookie
2026-03-05SymantecThreat Hunter Team
Seedworm: Iranian APT on Networks of U.S. Bank, Airport, Software Company
Tsundere
2026-03-05eSentireeSentire Threat Response Unit (TRU)
North Korean APT Malware Analysis: DEV#POPPER RAT and OmniStealer (Everyday I'm Shufflin')
JADESNOW
2026-03-04Huntress LabsJai Minton, Ryan Dowd
"Malware, from the Outside!": How a Threat Actor Used Fake OpenClaw Installers to Infect Systems with GhostSocks and Information Stealers
GhostSocks Vidar
2026-03-03SophosSophos Counter Threat Unit Research Team
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
APTIran