Malpedia Library

2025-10-20 ⋅ Medium Deriv-Tech ⋅ Shantanu Ghumade
How a fake AI recruiter delivers five staged malware disguised as a dream job
BeaverTail OtterCookie InvisibleFerret

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz

2025-10-18 ⋅ Twitter (@ThreatrayLabs) ⋅ Threatray Labs
Tweet on Kimsuky activity with loaders delivering HttpSpy and HttpTroy
NikiTeaR

2025-10-18 ⋅ Koi Security ⋅ Idan Dardikman
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
GlassWorm

2025-10-18 ⋅ Medium 0xzyadelzyat ⋅ Zyad Elzyat
PureLogs Stealer: Complete Malware Analysis & CTF Walkthrough
PureLogs Stealer

2025-10-16 ⋅ Qualys ⋅ Diksha Ojha
F5 BIG-IP Source Code Leaked in State-Linked Cyberattack (BRICKSTORM Malware)
BRICKSTORM

2025-10-16 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
Lumma Stealer

2025-10-16 ⋅ Hunt.io ⋅ Hunt.io
Odyssey Stealer and AMOS Campaign Targets macOS Developers Through Fake Tools
AMOS

2025-10-16 ⋅ Swisscom B2B CSIRT ⋅ Matthieu Gras, Swisscom B2B CSIRT
Swisscom TDR Intel Brief - Acreed: On-Chain C2 Evolution
ACR Stealer

2025-10-16 ⋅ Mandiant ⋅ Blas Kojusner, Joseph Dobson, Robert Wallace
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains
JADESNOW UNC5342

2025-10-16 ⋅ Cisco Talos ⋅ Michael Kelley, Vanja Svajcer
BeaverTail and OtterCookie evolve with a new Javascript module
BeaverTail OtterCookie InvisibleFerret

2025-10-15 ⋅ Palo Alto Networks Unit 42 ⋅ paloalto Networks: Unit42
PhantomVAI Loader Delivers a Range of Infostealers
Katz Stealer PhantomVAI

2025-10-15 ⋅ Symantec ⋅ Threat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia
REF7707

2025-10-15 ⋅ David Dodda ⋅ Dvaid Dodda
How I Almost Got Hacked By A 'Job Interview'
OtterCookie

2025-10-15 ⋅ Kaspersky ⋅ Noushin Shabab, Ye Jin
Mysterious Elephant: a growing threat
Remcos

2025-10-15 ⋅ NTT ⋅ Rintaro Koike
OtterCandy, malware used by WaterPlum
OtterCandy

2025-10-15 ⋅ Trend Micro ⋅ Dove Chiu, Lucien Chuang
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

2025-10-14 ⋅ CIP ⋅ State Service of Special Communication and Information Protection of Ukraine (CIP)
Adversaries Target Ukrainian Defence Forces and Local Authorities Using "Counter-Sabotage" Lure
UAC-0239