Malpedia Library

Click here to download all references as Bib-File.•

2026-01-31 ⋅ Github (cocomelonc) ⋅ cocomelonc
MacOS malware persistence 2: shell environment hijacking. Simple C example

2026-01-30 ⋅ Google ⋅ Mandiant
Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft
UNC6671

2026-01-30 ⋅ ESET Research ⋅ ESET Research
DynoWiper update: Technical analysis and attribution
DynoWiper

2026-01-30 ⋅ LevelBlue ⋅ Evgeny Ananin, Mark Tsipershtein, Nikita Kazymirskyi
19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware: Part 1
LockBit LockBit

2026-01-30 ⋅ abuse.ch ⋅ abuse.ch
X posting from abuse.ch on Xillen Stealer
Xillen Stealer

2026-01-30 ⋅ CERT.PL ⋅ CERT.PL
Energy Sector Incident Report – 29 December
LazyWiper DynoWiper

2026-01-29 ⋅ Cisco Talos ⋅ Joey Chen
Dissecting UAT-8099: New persistence mechanisms and regional focus
UAT-8099

2026-01-29 ⋅ Censys ⋅ Andrew Northern
AsyncRAT C2 Activity at Internet Scale
AsyncRAT

2026-01-29 ⋅ Sekoia ⋅ Amaury G., Quentin Bourgue, Sekoia TDR
Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic
IClickFix

2026-01-29 ⋅ Fortninet ⋅ Angelo Deveraturda, Jared Betts, John Simmons, Ken Evans, Mark Robson, Omar Avilez Melo, Xiaopeng Zhang
Interlock Ransomware: New Techniques, Same Old Tricks
Interlock

2026-01-29 ⋅ CrowdStrike ⋅ CrowdStrike Threat Intel Team, Rob Bruner
LABYRINTH CHOLLIMA Evolves into Three Adversaries

2026-01-29 ⋅ HarfangLab ⋅ HarfangLab CTR
RedKitten: AI-accelerated campaign targeting Iranian protests
SloppyMIO RedKitten

2026-01-28 ⋅ Accenture ⋅ Accenture Cyber Threat Intelligence
Analysis of RustyRocket – A Custom WorldLeaks Exfiltration Tool
RustyRocket

2026-01-28 ⋅ Natto Thoughts ⋅ Eugenio Benincasa
Provincial Tasking, Cross-Provincial Execution: A Case-Based Look at How China Scales Cyber Operations

2026-01-28 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Can’t stop, won’t stop: TA584 innovates initial access
XWorm TA584

2026-01-28 ⋅ Google ⋅ Google Threat Intelligence Group
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network

2026-01-28 ⋅ Hunt.io ⋅ Hunt.io
Exposed Open Directory Leaks a Full BYOB Deployment Across Windows, Linux, and macOS

2026-01-28 ⋅ ESET Research ⋅ Lukáš Štefanko
Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
GhostChat

2026-01-28 ⋅ Fortinet ⋅ Vincent Li
Unveiling the Weaponized Web Shell EncystPHP
INJ3CTOR3

2026-01-27 ⋅ Medium mk7912 ⋅ Manoj Kshirsagar
From XLoader to Phantom Stealer: A DHL-Themed multi-stage Infection Chain
Xloader Phantom Stealer