Malpedia Library

2025-10-31 ⋅ Expel ⋅ AARON WALTON
Certified OysterLoader: Tracking Rhysida ransomware gang activity via code-signing certificates
Broomstick

2025-10-29 ⋅ Qianxin ⋅ Acey9, Alex.Turing
Smoking Gun Uncovered: RPX Relay at PolarEdge’s Core Exposed
PolarEdge

2025-10-27 ⋅ Kaspersky ⋅ Boris Larin
Mem3nt0 mori – The Hacking Team is back!
Dante

2025-10-22 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz

2025-10-18 ⋅ Koi Security ⋅ Idan Dardikman
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
GlassWorm

2025-10-16 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
Lumma Stealer

2025-10-16 ⋅ Hunt.io ⋅ Hunt.io
Odyssey Stealer and AMOS Campaign Targets macOS Developers Through Fake Tools
AMOS

2025-10-16 ⋅ Swisscom B2B CSIRT ⋅ Matthieu Gras, Swisscom B2B CSIRT
Swisscom TDR Intel Brief - Acreed: On-Chain C2 Evolution
ACR Stealer

2025-10-16 ⋅ Mandiant ⋅ Blas Kojusner, Joseph Dobson, Robert Wallace
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains
JADESNOW

2025-10-15 ⋅ Symantec ⋅ Threat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia

2025-10-15 ⋅ David Dodda ⋅ Dvaid Dodda
How I Almost Got Hacked By A 'Job Interview'
OtterCookie

2025-10-15 ⋅ Trend Micro ⋅ Dove Chiu, Lucien Chuang
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

2025-10-14 ⋅ Synacktiv ⋅ Theo Letailleur
LinkPro: eBPF rootkit analysis
LinkPro

2025-10-14 ⋅ ⋅ Synacktiv ⋅ Theo Letailleur
LinkPro: analysis of an eBPF rootkit
LinkPro vGet

2025-10-14 ⋅ Gatewatcher ⋅ Gatewatcher, Gatewatcher's purple team
Data Breach: the operations of "Charming Kitten" revealed

2025-10-13 ⋅ ⋅ Logpresso ⋅ Hwang Min-kyung
[Threat Analysis] Lazarus Group Analyzes Malware for Windows and MacOS

2025-10-13 ⋅ Proofpoint ⋅ Kyle Cucci, Proofpoint Threat Research Team, Selena Larson, Tommy Madjar
When the monster bytes: tracking TA585 and its arsenal
MonsterV2