Malpedia Library

Click here to download all references as Bib-File.•

2025-07-26 ⋅ Reverse The Malware ⋅ Diyar Saadi
Forensic Artifacts for User Windows History Activity

2025-07-25 ⋅ Aryaka Networks ⋅ Aditya K. Sood, varadharajan krishnasamy
The Operational Blueprint of Kimsuky APT for Cyber Espionage
Kimsuky

2025-07-25 ⋅ Cloudsek ⋅ Cloudsek
Threat Actors Lure Victims Into Downloading .HTA Files Using ClickFix To Spread Epsilon Red Ransomware
Epsilon Red

2025-07-24 ⋅ SYGNIA ⋅ Sygnia Team
Fire Ant: A Deep-Dive into Hypervisor-Level Espionage

2025-07-24 ⋅ The Washington Times ⋅ Bill Gertz
Hackers breach intelligence website used by CIA

2025-07-24 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
BlackSuit ransomware extortion sites seized in Operation Checkmate
BlackSuit Royal Ransom BlackSuit Mount Locker Royal Ransom

2025-07-24 ⋅ Dr.Web ⋅ Dr.Web
Gamers, get ready: scammers disguise cryptocurrency and password-stealing Scavenger trojans as cheats and mods
Scavenger

2025-07-24 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: July 2025
Broomstick

2025-07-23 ⋅ Cato Networks ⋅ Vitaly Simonovich
Cato CTRL™ Threat Research: Analyzing LAMEHUG – First Known LLM-Powered Malware with Links to APT28 (Fancy Bear)
LAMEHUG

2025-07-23 ⋅ bluecyber ⋅ Son Vu
APT32 Malware: An In-Depth Analysis
OceanLotus

2025-07-23 ⋅ Catalyst ⋅ Catalyst
Understanding Current CastleLoader Campaigns
CASTLELOADER

2025-07-23 ⋅ OPFOR Journal ⋅ OPFOR Journal
Singapore Takes Unprecedented Military Action Against Chinese State-Sponsored Hackers

2025-07-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Will the Real Salt Typhoon Please Stand Up?
KV

2025-07-23 ⋅ Mandiant ⋅ Mandiant Incident Response
From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

2025-07-23 ⋅ Natto Thoughts ⋅ Natto Team
HAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber Ecosystem

2025-07-22 ⋅ Recorded Future ⋅ Insikt Group®
Anatomy of DDoSia: NoName057(16)'s DDoS Infrastructure and Targeting
Dosia

2025-07-22 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Storm-2603

2025-07-22 ⋅ Akamai ⋅ Tomer Peled
Coyote in the Wild: First-Ever Malware That Abuses UI Automation

2025-07-21 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht
Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict
DHCSpy

2025-07-21 ⋅ AhnLab ⋅ ASEC
RokRAT Malware Using Malicious Hangul (.HWP) Documents
RokRAT