Malpedia Library

Click here to download all references as Bib-File.•

2026-04-14 ⋅ RedPacket Security ⋅ RedPacket Security
[KRYBIT] – Ransomware Victim: Hacked 0APT
Krybit

2026-04-13 ⋅ Dark Web Informer ⋅ Dark Web Informer
Polish Eco-Friendly Retailer VegeHome Suffers Data Breach Exposing 100K+ Customers
LulzIntel

2026-04-13 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, khr0x
Tweet about HanGhost

2026-04-13 ⋅ Dataminr ⋅ Tim Miller
Cyber Intel Brief: Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA)
Ababil of Minab

2026-04-10 ⋅ Infoblox ⋅ Chong Lua Dao, Infoblox Threat Intel
Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers

2026-04-09 ⋅ ⋅ F6 ⋅ F6
Eastern Signature: Investigating a Cyberattack by an Asian Threat Group
ShadowPad

2026-04-08 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht
Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT
ProSpy

2026-04-08 ⋅ Black Lotus Labs ⋅ Danny Adamitis, Ryan English
FrostArmada: All thriller, no (malware) filler

2026-04-07 ⋅ Talos Intelligence ⋅ Ashley Shen
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
LucidKnight LucidPawn LucidRook UAT-10362

2026-04-07 ⋅ RedPacket Security ⋅ RedPacket Security
[KRYBIT] – Ransomware Victim: fraper[.]com
Krybit

2026-04-07 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

2026-04-07 ⋅ IC3 ⋅ CISA, CNMF, Department of Energy (DOE), EPA, FBI, NSA
AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

2026-04-07 ⋅ NCSC UK ⋅ NCSC UK
APT28 exploit routers to enable DNS hijacking operations

2026-04-06 ⋅ PICUS Security ⋅ Umut Bayram
How NoName057(16) Uses DDoSia to Attack NATO Targets
Z-Pentest Alliance

2026-04-03 ⋅ Panther ⋅ Michael Baker
jsonspack: Multi-Tenant Node.js RAT — DPRK Supply Chain Campaign
OtterCookie

2026-04-03 ⋅ Trend Micro ⋅ Jacob Santos, Jeffrey Francis Bonaobra, Sophia Nilette Robles
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
GhostSocks Vidar

2026-04-02 ⋅ cocomelonc ⋅ cocomelonc
MacOS malware persistence 8: periodic scripts. Simple C example

2026-04-02 ⋅ tracebit ⋅ Alessandro Brucato
Detecting CI/CD Supply Chain Attacks with Canary Credentials
TeamPCP

2026-04-01 ⋅ SOC Prime ⋅ Daryna Olyniychuk
UAC-0255 Attack Detection: Threat Actors Impersonate CERT-UA to Infect Ukrainian Public and Private Sector Organizations With AGEWHEEZE RAT
AGEWHEEZE Cyber Serp

2026-04-01 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 13: sysinfo stealer via VirusTotal API. Simple C example