Malpedia Library

Click here to download all references as Bib-File.•

2025-11-25 ⋅ ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[Quick Analysis] Phishing Campaign Fake Tax Authorities to Distribute Malicious Codes
VIP Keylogger

2025-11-24 ⋅ ⋅ ISH Tecnologia ⋅ Caique Barqueta, Ícaro César
Analysis of the WhatsWorm Campaign leading to the implementation of the Eternity Stealer.

2025-11-22 ⋅ Synaptic Security ⋅ Robin Dost
Inside Gamaredon 2025: Zero-Click Espionage at Scale
PteroGraphin Pteranodon

2025-11-22 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
India‑Aligned "Dropping Elephant" Pushes a New Stealth Marshalled‑Python Backdoor via MSBuild Dropper in Observed Activity Targeting Pakistan’s Defense Sector

2025-11-21 ⋅ K7 Security ⋅ Dhanush, Srinivasan E
Brazilian Campaign: Spreading the Malware via WhatsApp

2025-11-20 ⋅ Validin ⋅ Validin
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent

2025-11-20 ⋅ Google ⋅ Dan Perez, Harsh Parashar, Tierra Duncan
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
BADAUDIO Cobalt Strike

2025-11-20 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON
A Pain in the Mist: Navigating Operation DreamJob’s arsenal
BURNBOOK MISTPEN

2025-11-20 ⋅ ThreatFabric ⋅ ThreatFabric
Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption
Sturnus

2025-11-19 ⋅ NetAskari Substack ⋅ NetAskari
Critical strike: China's hacking training grounds (PART 1)

2025-11-19 ⋅ Natto Thoughts ⋅ Eugenio Benincasa, Natto Team
China’s Cybersecurity Companies Advancing Offensive Cyber Capabilities Through Attack-Defense Labs

2025-11-19 ⋅ Amazon ⋅ CJ Moses
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare

2025-11-19 ⋅ Spamhaus ⋅ Jonas Arnold
The anatomy of bulletproof hosting – past, present, future

2025-11-19 ⋅ SecurityScorecard ⋅ Gilad Friedenreich Maizles, Marty Kareem
Thousands of ASUS Routers Hijacked in Global Operation “WrtHug” in a Suspected China-Backed Campaign

2025-11-19 ⋅ ESET Research ⋅ Dávid Gábriš, Facundo Muñoz
PlushDaemon compromises network devices for adversary-in-the-middle attacks
EdgeStepper LittleDaemon

2025-11-18 ⋅ Oligo ⋅ Avi Lumelsky, Gal Elbaz
ShadowRay 2.0: Attackers Turn AI Against Itself in Global Campaign that Hijacks AI Into Self-Propagating Botnet
IronErn440

2025-11-18 ⋅ DataBreaches.net ⋅ Dissent
From bad to worse: Doctor Alliance hacked again by same threat actor (2)
Kazu

2025-11-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack against an educational institution in eastern Ukraine using the GAMYBEAR software tool (CERT-UA#18329)
GAMYBEAR UAC-0241

2025-11-17 ⋅ KELA ⋅ KELA Cyber Intelligence Center
ByteToBreach: A Deep Dive into a Persistent Data Leak Operator
ByteToBreach

2025-11-17 ⋅ moldovalive ⋅ Marina Gridina
War in the shadows of servers: how a Russian company could have organized an attack against Stark Industries from Moldova