2026-03-30 ⋅ Trend Micro ⋅ John Rainier Navato
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
TeamPCP
2026-03-26 ⋅ Trend Micro ⋅ Ashish Verma, Deep Patel, Fernando Tucci, John Rainier Navato, Peter Girnus, Simon Dulude
Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
TeamPCP
2026-03-12 ⋅ Gdata ⋅ John Dador
Endgame Harvesting: Inside ACRStealer’s Modern Infrastructure
ACR Stealer
2026-02-26 ⋅ Gdata ⋅ John Dador, Karsten Hahn
HijackLoader: Free Games, Costly Consequences
HijackLoader
2026-02-25 ⋅ Google ⋅ 0verfl0w_, Anton Chuvakin, Bob Mechler, Crystal Lister, Eduardo Mattos, Google, Jason Bisson, Joachim Metz, John Stone, Jorge Blanco, Keith Lunden, Lia Wertheimer, Matthew Siuda, Michael Robinson, Muhammad Muneer, Noah McDonald, Ollie Green, Seth Rosenblatt
Cloud Threat Horizons Report: H1 2026
UNC6426
2026-02-17 ⋅ Google ⋅ Daniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201
2026-02-15 ⋅ Github (jrm360seclab) ⋅ Johny Metellus
AODIN X1BQ Projector — Pre-Installed Vo1d Botnet Malware
Void
2026-01-29 ⋅ Fortinet ⋅ Angelo Deveraturda, Jared Betts, John Simmons, Ken Evans, Mark Robson, Omar Avilez Melo, Xiaopeng Zhang
Interlock Ransomware: New Techniques, Same Old Tricks
Interlock
2025-12-18 ⋅ HelpNetSecurity ⋅ John Wilson
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Scripted Sparrow
2025-12-01 ⋅ FORTRA ⋅ John Wilson
Scripted Sparrow: A Prolific BEC Threat Group
Scripted Sparrow
2025-11-19 ⋅ John Basmayor, Nathaniel Morales, Nikita Kazymirskyi
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
Eternidade Stealer
2025-09-24 ⋅ Google ⋅ Ashley Pearson, Austin Larsen, BRAD SLAYBAUGH, Doug Bienstock, Geoff Carstairs, John Wolfram, Josh Madeley, Josh Murchie, Matt Lin, Sarah Yoder
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
BRICKSTORM
2025-08-19 ⋅ Red Canary ⋅ Chris Brook, Christina Johns, Tyler Edmonds
Patching for persistence: How DripDropper Linux malware moves through the cloud
2025-07-31 ⋅ ThreatLocker ⋅ John Moutos, Rayton Li
SafePay ransomware explained: IOCs, TTPs, and defense strategies
SafePay
2025-06-12 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
2025-05-29 ⋅ Fortinet ⋅ John Simmons, Xiaopeng Zhang
Deep Dive into a Dumped Malware without a PE Header
2025-05-01 ⋅ Fortinet ⋅ Faisal Abdul Malik Qureshi, Fred Gutierrez, Hossein Jazi, John Simmons, Mark Robson, Said Wali, Xiaopeng Zhang
FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure
Havoc
2025-04-16 ⋅ SpyCloud ⋅ Aurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta
2025-04-03 ⋅ Mandiant ⋅ Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-03-18 ⋅ Trellix ⋅ Jambul Tologonov, John Fokker
Analysis of Black Basta Ransomware Chat Leaks
Black Basta Black Basta