Malpedia Library

Click here to download all references as Bib-File.•

2025-10-28 ⋅ ThreatFabric ⋅ ThreatFabric
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection

2025-10-28 ⋅ Kaspersky ⋅ Omar Amin, Sojun Ryu
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

2025-10-27 ⋅ Trend Micro ⋅ Emmanuel Panopio, Jeffrey Francis Bonaobra, Joe Soares
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Water Saci

2025-10-27 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 2)
JADESNOW

2025-10-27 ⋅ BartBlaze
Earth Estries alive and kicking

2025-10-27 ⋅ Kaspersky ⋅ Boris Larin
Mem3nt0 mori – The Hacking Team is back!
Dante

2025-10-25 ⋅ MandarNaik016 ⋅ Mandar Naik
Malware Analysis - VIP Keylogger - Part 2
VIP Keylogger

2025-10-23 ⋅ ESET Research ⋅ Alexis Rapin, Peter Kálnai
Gotta fly: Lazarus targets the UAV sector
BURNBOOK QuanPinLoader ScoringMathTea

2025-10-23 ⋅ Twitter (@salmanvsf) ⋅ Salman Shaikh
Tweet about Discovery of Smile PaaS admin panel

2025-10-22 ⋅ Multilateral Sanctions Monitoring Team ⋅ Multilateral Sanctions Monitoring Team
The DPRK's Violation and Evasion of UN Sanctions through Cyber and Information Technology Worker Activities

2025-10-22 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad

2025-10-22 ⋅ SentinelOne ⋅ Tom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess

2025-10-22 ⋅ Cyderes ⋅ Rahul Ramesh
Chrome Installer Impersonation Campaign Targets China-Based Victims with ValleyRAT Trojan
BlindEDR ValleyRAT

2025-10-21 ⋅ HarfangLab ⋅ HarfangLab CTR
RudePanda owns IIS servers like it's 2003
TOLLBOOTH

2025-10-21 ⋅ Elastic ⋅ Andrew Pease, Braxton Williams, Daniel Stepanic, Jia Yu Chan, Salim Bitam, Seth Goodwin
TOLLBOOTH: What's yours, IIS mine
TOLLBOOTH

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Medium Deriv-Tech ⋅ Shantanu Ghumade
How a fake AI recruiter delivers five staged malware disguised as a dream job
BeaverTail OtterCookie InvisibleFerret

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz