Malpedia Library

Click here to download all references as Bib-File.•

2025-07-23 ⋅ Catalyst ⋅ Catalyst
Understanding Current CastleLoader Campaigns
CASTLELOADER

2025-07-23 ⋅ OPFOR Journal ⋅ OPFOR Journal
Singapore Takes Unprecedented Military Action Against Chinese State-Sponsored Hackers

2025-07-23 ⋅ Stranded on Pylos Blog ⋅ Joe Slowik
Will the Real Salt Typhoon Please Stand Up?
KV

2025-07-23 ⋅ Mandiant ⋅ Mandiant Incident Response
From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

2025-07-23 ⋅ Natto Thoughts ⋅ Natto Team
HAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber Ecosystem

2025-07-22 ⋅ Recorded Future ⋅ Insikt Group®
Anatomy of DDoSia: NoName057(16)'s DDoS Infrastructure and Targeting
Dosia

2025-07-22 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Disrupting active exploitation of on-premises SharePoint vulnerabilities
Storm-2603

2025-07-22 ⋅ Akamai ⋅ Tomer Peled
Coyote in the Wild: First-Ever Malware That Abuses UI Automation

2025-07-21 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht
Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict
DHCSpy

2025-07-21 ⋅ AhnLab ⋅ ASEC
RokRAT Malware Using Malicious Hangul (.HWP) Documents
RokRAT

2025-07-21 ⋅ SentinelOne ⋅ Jim Walter, Simon Kenin, Tom Hegel
SharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers

2025-07-21 ⋅ Kaspersky Labs ⋅ Daniil Pogorelov, Denis Kulik
The SOC files: Rumble in the jungle or APT41’s new target in Africa
Cobalt Strike MimiKatz

2025-07-20 ⋅ rmceoin.github.io ⋅ Randy McEoin
Perl based macOS/linux Stealer
Pearl Stealer

2025-07-20 ⋅ Utkonos ⋅ Utkonos
Supply Chain Trojan sc_trojan_jwjf
Scavenger

2025-07-20 ⋅ Invoke RE ⋅ cyb3rjerry, Josh Reynolds
Scavenger Malware Distributed via eslint-config-prettier NPM Package Supply Chain Compromise
Scavenger

2025-07-20 ⋅ Invoke RE ⋅ cyb3rjerry, Josh Reynolds
Install Linters, Get Malware - DevSecOps Speedrun Edition
Scavenger

2025-07-19 ⋅ The Register ⋅ Jessica Lyons
Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

2025-07-19 ⋅ Eye Security ⋅ Eye Security
SharePoint 0-day uncovered (CVE-2025-53770)
SharPyShell

2025-07-18 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 6: Assebmly intro on ARM(M1). Simple NASM (M1) examples

2025-07-18 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team
Greedy Sponge Targets Mexico with AllaKore RAT and SystemBC
AllaKore SystemBC