Malpedia Library

Click here to download all references as Bib-File.•

2025-04-22 ⋅ Kaspersky Labs ⋅ Alexander Demidov, Georgy Kucherin, Igor Kuznetsov
Russian organizations targeted by backdoor masquerading as secure networking software updates

2025-04-22 ⋅ Volexity ⋅ Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows

2025-04-21 ⋅ Twitter (@browsercookies) ⋅ Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.

2025-04-17 ⋅ Porthas ⋅ Hassan Faraz, Mohamed Talaat
Breaking the B0 ransomware: Investigation & Decryption
B0

2025-04-17 ⋅ Cisco Talos ⋅ Joey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS

2025-04-17 ⋅ Proofpoint ⋅ Greg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue

2025-04-17 ⋅ Kaspersky Labs ⋅ GReAT
IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia
MysterySnail

2025-04-17 ⋅ Trustwave ⋅ Dawid Nesterowicz, Pawel Knapczyk
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
StrelaStealer TargetCompany XWorm

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ VirusTotal ⋅ VirusTotal
b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40
Unidentified 121

2025-04-16 ⋅ IBM X-Force ⋅ IBM Security X-Force Team
IBM X-Force 2025 Threat Intelligence Index

2025-04-16 ⋅ TechCrunch ⋅ Zack Whittaker
Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS

2025-04-16 ⋅ Intel 471 ⋅ Intel 471
LabHost: A defunct but potent phishing service

2025-04-16 ⋅ SpyCloud ⋅ Aurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta

2025-04-16 ⋅ HarfangLab ⋅ HarfangLab CTR
Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure
Pteranodon

2025-04-16 ⋅ Sekoia ⋅ Sekoia TDR
Interlock ransomware evolving under the radar
Interlock Berserk Stealer Interlock Lumma Stealer Supper

2025-04-15 ⋅ Beazley Security Labs ⋅ Beazley Security Labs
Hunting Mice In Tunnels II - Fake CAPTCHAs and Ransomware
Interlock Supper

2025-04-15 ⋅ ⋅ Orange Cyberdefense ⋅ André Henschel, Friedl Holzner
CyberSOC Insights: Analysis of a Black Basta Attack Campaign
Black Basta DarkGate Lumma Stealer

2025-04-15 ⋅ sysdig ⋅ Alessandra Rizzo
UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell
SNOWLIGHT Sliver Vshell

2025-04-15 ⋅ SecurityWeek ⋅ The Associated Press
China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games