Malpedia Library

Click here to download all references as Bib-File.•

2025-06-27 ⋅ TEHTRIS ⋅ Lefebvre Fabien
Rage Against the Powershell - Qilin in the Name
Qilin

2025-06-26 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team
GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations
GIFTEDCROOK

2025-06-25 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 3: shellcoding. x86_64 assembly intro. Simple NASM examples

2025-06-25 ⋅ Check Point Research ⋅ Check Point Research
In the Wild: Malware Prototype with Embedded Prompt Injection
Skynet

2025-06-24 ⋅ Certego ⋅ Federico Fantini
Malware Analysis - Inside Lumma Stealer
Lumma Stealer

2025-06-24 ⋅ Socket ⋅ Socket
Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
BeaverTail InvisibleFerret

2025-06-24 ⋅ Trellix ⋅ Nico Paulo Yturriaga, Pham Duy Phuc
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

2025-06-24 ⋅ Bridewell ⋅ Bridewell
2025 Cyber Threat Intelligence Report
AsyncRAT Brute Ratel C4 Cobalt Strike Fog Ghost RAT Lumma Stealer Meduza Stealer Quasar RAT RedLine Stealer Sliver

2025-06-23 ⋅ Twitter (@suyog41) ⋅ Yogesh Londhe
Tweet about Cmimei Stealer
Cmimai Stealer

2025-06-23 ⋅ DeXpose ⋅ M4lcode
AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer
Phemedrone Stealer

2025-06-23 ⋅ Gdata ⋅ Karsten Hahn, Lance Go
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
EvilConwi

2025-06-23 ⋅ PolySwarm Tech Team ⋅ The Hivemind
Famous Chollima’s PylangGhost
GolangGhost PylangGhost GolangGhost

2025-06-23 ⋅ cocomelonc ⋅ cocomelonc
Linux hacking part 6: Linux kernel module with params. Simple C example

2025-06-23 ⋅ Rushter ⋅ Artem Golubin
Threat Hunting Introduction: Cobalt Strike
Cobalt Strike

2025-06-23 ⋅ Darkatlas ⋅ Darkatlas Squad
Bluenoroff (APT38) Live Infrastructure Hunting

2025-06-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks UAC-0001 (APT28) in relation to public authorities using BEARDSHELL and COVENANT
BEARDSHELL SLIMAGENT

2025-06-20 ⋅ K7 Security ⋅ Baran S
SpyMax
SpyMax

2025-06-20 ⋅ Field Effect ⋅ Daniel Albrecht, Elena Lapina, Field Effect, Sean Alexander
Zoom & doom: BlueNoroff call opens the door

2025-06-20 ⋅ Validin ⋅ Kenneth Kinion
Zooming through BlueNoroff Indicators with Validin

2025-06-20 ⋅ Twitter (@threatintel) ⋅ Threat Intelligence
Tweet about wiper deployed against Albania by Druidfly