Malpedia Library

Click here to download all references as Bib-File.•

2025-11-02 ⋅ Symantec ⋅ Broadcom, Symantec
Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM
Agent Tesla

2025-10-15 ⋅ Symantec ⋅ Threat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia

2025-09-03 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT

2025-08-31 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 3 - Weaponised Python Stage (Stage 5)
PXA Stealer

2025-08-19 ⋅ IBM X-Force ⋅ Raymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader

2025-06-20 ⋅ K7 Security ⋅ Baran S
SpyMax
SpyMax

2025-06-18 ⋅ Elastic ⋅ Salim Bitam
A Wretch Client: From ClickFix deception to information stealer deployment
HijackLoader Lumma Stealer SectopRAT

2025-06-12 ⋅ Symantec ⋅ Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog

2025-05-02 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team
Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims
More_eggs

2025-04-25 ⋅ Twitter (@teamcymru_S2) ⋅ TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure

2025-04-23 ⋅ Cisco Talos ⋅ Asheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN

2025-04-10 ⋅ Symantec ⋅ Threat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine

2025-04-08 ⋅ Team Cymru ⋅ S2 Research Team
Inside DanaBot’s Infrastructure: In Support of Operation Endgame II
DanaBot

2025-04-08 ⋅ Trustwave ⋅ Nikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta

2025-02-21 ⋅ cyjax ⋅ Cymon
How’s that for a malicious Linkc, new group launches DLS
LinkC Pub

2025-02-20 ⋅ Trend Micro ⋅ Daniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor PlugX ShadowPad Teleboyi

2025-02-20 ⋅ Trend Micro ⋅ Daniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor NailaoLocker PlugX ShadowPad

2025-02-13 ⋅ Symantec ⋅ Threat Hunter Team
China-linked Espionage Tools Used in Ransomware Attacks
PlugX

2024-12-20 ⋅ Team Cymru ⋅ Lewis Henderson
Jingle Shells: How Virtual Offices Enable a Facade of Legitimacy

2024-12-16 ⋅ Gdata ⋅ Banu Ramakrishnan
New I2PRAT communicates via anonymous peer-to-peer network
Unidentified 118