| 2025-11-02 ⋅ Symantec ⋅ Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM Agent Tesla |
| 2025-10-31 ⋅ Seqrite ⋅ Operation SkyCloak: Tor Campaign targets Military of Russia & Belarus |
| 2025-10-31 ⋅ Expel ⋅ Certified OysterLoader: Tracking Rhysida ransomware gang activity via code-signing certificates Broomstick |
| 2025-10-30 ⋅ Github (cocomelonc) ⋅ Malware development trick 54: steal data via legit Angelcam API. Simple C example |
| 2025-10-30 ⋅ Arctic Wolf ⋅ UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities PlugX |
| 2025-10-29 ⋅ 01xyris ⋅ Aura Stealer #2 beatin the obfuscation Aura Stealer |
| 2025-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack Airstalk CL-STA-1009 |
| 2025-10-29 ⋅ Qianxin ⋅ Smoking Gun Uncovered: RPX Relay at PolarEdge’s Core Exposed PolarEdge |
| 2025-10-28 ⋅ ThreatFabric ⋅ New Android Malware Herodotus Mimics Human Behaviour to Evade Detection |
| 2025-10-27 ⋅ Trend Micro ⋅ Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C Water Saci |
| 2025-10-27 ⋅ Ransom-ISAC ⋅ Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 2) JADESNOW |
| 2025-10-22 ⋅ Github (cocomelonc) ⋅ Malware development trick 53: steal data via legit XBOX API. Simple C example |
| 2025-10-22 ⋅ Multilateral Sanctions Monitoring Team ⋅ The DPRK's Violation and Evasion of UN Sanctions through Cyber and Information Technology Worker Activities |
| 2025-10-22 ⋅ Trend Micro ⋅ The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns Cobalt Strike DracuLoader ShadowPad Earth Naga |
| 2025-10-22 ⋅ SentinelOne ⋅ PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation Princess |
| 2025-10-22 ⋅ Cyderes ⋅ Chrome Installer Impersonation Campaign Targets China-Based Victims with ValleyRAT Trojan BlindEDR ValleyRAT |
| 2025-10-21 ⋅ Elastic ⋅ TOLLBOOTH: What's yours, IIS mine TOLLBOOTH |
| 2025-10-20 ⋅ Darktrace ⋅ Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion SNAPPYBEE |
| 2025-10-20 ⋅ Google ⋅ To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER MAYBEROBOT NOROBOT YESROBOT |
| 2025-10-20 ⋅ Ransom-ISAC ⋅ Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1) JADESNOW |