Malpedia Library

Click here to download all references as Bib-File.•

2025-05-27 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage

2025-05-27 ⋅ AIVD ⋅ AIVD
AIVD and MIVD identify new Russian cyber threat actor

2025-05-08 ⋅ Forescout ⋅ Luca Barba, Sai Molige
Threat Analysis: SAP Vulnerability Exploited in the Wild by Chinese Threat Actor
Chaya_004

2025-05-06 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
Telegram Tango: Dancing with a Scammer

2025-04-28 ⋅ Censys ⋅ The Censys Research Team
Scouting a Threat Actor

2025-04-25 ⋅ Censys ⋅ Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL

2025-04-25 ⋅ Twitter (@teamcymru_S2) ⋅ TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure

2025-04-23 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Understanding the threat landscape for Kubernetes and containerized assets
Storm-1977

2025-04-22 ⋅ Volexity ⋅ Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ IBM X-Force ⋅ IBM Security X-Force Team
IBM X-Force 2025 Threat Intelligence Index

2025-04-11 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Threat Spotlight: Hijacked and Hidden: New Backdoor and Persistence Technique

2025-04-10 ⋅ Symantec ⋅ Threat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine

2025-04-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Exploitation of CLFS zero-day leads to ransomware activity
RansomEXX Storm-2460

2025-04-03 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249

2025-04-03 ⋅ Mandiant ⋅ Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-03-27 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
A Phishing Tale of DoH and DNS MX Abuse

2025-03-26 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
The Long and Short(cut) of It: KoiLoader Analysis
Koi Loader

2025-03-13 ⋅ Securonix ⋅ Den Iyzvyk, Tim Peck
Analyzing OBSCURE#BAT Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
Quasar RAT r77