Click here to download all references as Bib-File.•
2025-04-04
⋅
Socket
⋅
Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BeaverTail InvisibleFerret |
2025-04-03
⋅
SOC Prime
⋅
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL WRECKSTEEL UAC-0219 |
2025-04-03
⋅
SOC Prime
⋅
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL WRECKSTEEL |
2025-04-03
⋅
Microsoft
⋅
Threat actors leverage tax season to deploy tax-themed phishing campaigns Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249 |
2025-04-03
⋅
Mandiant
⋅
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) SPAWNSNARE |
2025-04-03
⋅
ThreatMon
⋅
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report |
2025-04-02
⋅
cocomelonc
⋅
Malware and cryptography 40 - encrypt/decrypt payload via RC5. Simple Nim example. |
2025-04-02
⋅
ASEC
⋅
BeaverTail and Tropidoor Malware Distributed via Recruitment Emails BeaverTail |
2025-04-02
⋅
ANALYST1
⋅
Inside BlackBasta: Actor Profiles, Extortion Tactics & Finances Black Basta Black Basta |
2025-04-02
⋅
BushidoToken
⋅
Tracking Adversaries: EvilCorp, the RansomHub affiliate RansomHub |
2025-04-02
⋅
Intel 471
⋅
An in-depth look at Black Basta's TTPs Black Basta Black Basta |
2025-04-01
⋅
Hunt.io
⋅
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs Pyramid |
2025-04-01
⋅
⋅
Cert-UA
⋅
UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL (CERT-UA#14283) WRECKSTEEL UAC-0219 |
2025-04-01
⋅
ANY.RUN
⋅
Salvador Stealer: New Android Malware That Phishes Banking Details & OTPs Salvador Stealer |
2025-04-01
⋅
ZW01f
⋅
Auto-color - Linux backdoor Auto-Color |
2025-03-31
⋅
Seqrite
⋅
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs Cobalt Strike HollowQuill |
2025-03-31
⋅
rexorvc0
⋅
DarkCloud Stealer DarkCloud Stealer |
2025-03-31
⋅
Aikido
⋅
Malware hiding in plain sight: Spying on North Korean Hackers BeaverTail |
2025-03-31
⋅
Wiz.io
⋅
CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims JINX-0126 |
2025-03-31
⋅
48157c03bf9731926f9567fe1fabc807bff166241f8d6c27e6308dde68112669 Supper |