Malpedia Library

Click here to download all references as Bib-File.•

2025-08-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill

2025-08-15 ⋅ Bleeping Computer ⋅ Bill Toulas
Colt Telecom attack claimed by WarLock ransomware, data up for sale
WarLock

2025-08-14 ⋅ Censys ⋅ Himaja Motheram
2025 State of the Internet: Digging into Residential Proxy Infrastructure
PolarEdge

2025-08-14 ⋅ Hunt.io ⋅ Hunt.io
Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak
ERMAC

2025-08-13 ⋅ Intezer ⋅ Nicole Fishbein
Threat Bulletin: Fire in the Woods – A New Variant of FireWood
FireWood

2025-08-13 ⋅ Gdata ⋅ Karsten Hahn
JustAskJacky: AI causes a Trojan Horse Comeback
TamperedChef

2025-08-12 ⋅ The New York Times ⋅ Adam Goldman, Glenn Thrush, Mattathias Schwartz
Russia Is Suspected to Be Behind Breach of Federal Court Filing System

2025-08-12 ⋅ bluecyber ⋅ Khắc Minh
Analysis of a ClickFix malware attack
Vidar

2025-08-12 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Jordyn Dunk
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
PS1Bot

2025-08-12 ⋅ Netresec ⋅ Erik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT

2025-08-11 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 49: abusing Azure DevOps REST API for covert data channels. Simple C examples.
AllaKore

2025-08-11 ⋅ nimanthadeshappriya.com ⋅ Nimantha Deshappriya
From Colombo to Pyongyang
BeaverTail BeaverTail Beavertail

2025-08-10 ⋅ DEFCON 33 ⋅ Seongsu Park
Blurred Lines of Cyber Threat Attribution: The Evolving Tactics of North Korean Cyber Threat Actors

2025-08-10 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 8: dlopen() code loading + finding target PIDs. Simple C (Intel, ARM) examples

2025-08-08 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SHA256 6e1b152e34c76fab5414c4210a28bb5ca47b2155e6205e58e7df78ee9de6cb64 (MorpheusLoader)
Morpheus Loader

2025-08-08 ⋅ K7 Security ⋅ Azhagan K M S
Silent Watcher: Dissecting Cmimai Stealer’s VBS Payload
Cmimai Stealer

2025-08-08 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Distribution of SmartLoader Malware via Github Repository Disguised as a Legitimate Project
Rhadamanthys SmartLoader

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (Volatility Edition)

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (Rekall Edition)

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (MemProcFs Edition)