2025-04-24 | Silent Push | Silent Push
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie
BeaverTail OtterCookie FrostyFerret GolangGhost InvisibleFerret GolangGhost
2025-04-23 | Cisco Talos | Asheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-23 | Microsoft | Microsoft Threat Intelligence
Understanding the threat landscape for Kubernetes and containerized assets
Storm-1977
2025-04-23 | Trend Micro | Feike Hacquebord, Stephen Hilt
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
BeaverTail FrostyFerret GolangGhost InvisibleFerret GolangGhost WageMole
2025-04-22 | Fortinet | Xiaopeng Zhang
Infostealer Malware FormBook Spread via Phishing Campaign – Part I
Formbook
2025-04-22 | Kaspersky Labs | Alexander Demidov, Georgy Kucherin, Igor Kuznetsov
Russian organizations targeted by backdoor masquerading as secure networking software updates
2025-04-22 | Volexity | Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-04-21 | Aryaka Networks | Aditya K. Sood, bikash dash
Strela Stealer Malware Research: Tracing the Digital Footprint and Network Behavior
StrelaStealer
2025-04-21 | Trellix | Mohideen Abdul Khader
Unmasking the Evolving Threat: A Deep Dive into the Latest Version of Lumma InfoStealer with Code Flow Obfuscation
Lumma Stealer
2025-04-21 | Twitter (@browsercookies) | Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.
2025-04-17 | Trail of Bits | Trail of Bits
Mitigating ELUSIVE COMET Zoom remote control attacks
ELUSIVE COMET
2025-04-17 | Porthas | Hassan Faraz, Mohamed Talaat
Breaking the B0 ransomware: Investigation & Decryption
B0
2025-04-17 | Cisco Talos | Joey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS
2025-04-17 | Proofpoint | Greg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue
2025-04-17 | Kaspersky Labs | GReAT
IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia
MysterySnail
2025-04-17 | Trustwave | Dawid Nesterowicz, Pawel Knapczyk
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
StrelaStealer TargetCompany XWorm
2025-04-17 | FORTRA | Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service
2025-04-16 | TechCrunch | Zack Whittaker
Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
2025-04-16 | SpyCloud | Aurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta
2025-04-16 | HarfangLab | HarfangLab CTR
Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure
Pteranodon