Malpedia Library

Click here to download all references as Bib-File.•

2026-03-06 ⋅ nadsec ⋅ nadsec
Coruna: A Complete Technical Teardown
Coruna

2026-03-06 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
AI as tradecraft: How threat actors operationalize AI
OtterCookie

2026-03-05 ⋅ Github (vxaboveground) ⋅ vxaboveground
Overlord Github Repository
Overlord RAT

2026-03-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White
UAT-9244 targets South American telecommunication providers with three new malware implants
BruteEntry PeerTime TernDoor UAT-9244

2026-03-05 ⋅ Trend Micro ⋅ Mingyue Shirley Yang
New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
BoryptGrab

2026-03-05 ⋅ Elastic ⋅ Remco Sprooten, Ruben Groenewoud
Hooked on Linux: Rootkit Taxonomy, Hooking Techniques and Tradecraft

2026-03-05 ⋅ Symantec ⋅ Threat Hunter Team
Seedworm: Iranian APT on Networks of U.S. Bank, Airport, Software Company
Tsundere

2026-03-05 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
North Korean APT Malware Analysis: DEV#POPPER RAT and OmniStealer (Everyday I'm Shufflin')
JADESNOW

2026-03-05 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware and cryptography 44 - encrypt/decrypt payload via Discrete Fourier Transform. Simple C example.

2026-03-04 ⋅ Huntress Labs ⋅ Jai Minton, Ryan Dowd
"Malware, from the Outside!": How a Threat Actor Used Fake OpenClaw Installers to Infect Systems with GhostSocks and Information Stealers
GhostSocks Vidar

2026-03-04 ⋅ Hunt.io ⋅ Hunt.io
Iranian APT Infrastructure in Focus: Mapping State-Aligned Clusters During Geopolitical Escalation

2026-03-04 ⋅ Ctrl-Alt-Intel ⋅ Ctrl-Alt-Intel
MuddyWater Exposed: Inside an Iranian APT operation
Tsundere

2026-03-04 ⋅ EG-FinCirt ⋅ EG-FinCirt Malware Analysis team
Remcos RAT Operations: How Attackers Gain and Maintain Control
Remcos

2026-03-03 ⋅ Radware ⋅ Radware
Retaliatory Hacktivist DDoS Activity Following Operation Epic Fury/Roaring Lion
Conquerors Electronic Army

2026-03-03 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
APTIran

2026-03-03 ⋅ Google ⋅ Google Threat Intelligence Group
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Coruna

2026-03-03 ⋅ Google ⋅ Google Threat Intelligence Group
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Coruna UNC6353 UNC6691

2026-03-03 ⋅ Microsoft ⋅ Microsoft
Signed malware impersonating workplace apps deploys RMM backdoors
TrustConnect RAT

2026-03-02 ⋅ Talos ⋅ Cisco Talos
Update, March 13: Talos on the developing situation in the Middle East
Tsundere APTIran

2026-03-02 ⋅ Moonlock ⋅ Moonlock Lab Team
Fake VCs target crypto talent in a new ClickFix campaign
AmodalTea