Malpedia Library

Click here to download all references as Bib-File.•

2026-01-15 ⋅ ANALYST1 ⋅ Anastasia Sentsova
Infrastructure in the Shadows: How Two Leaks Unmasked the Criminal Network of Yalishanda aka Media Land, and BlackBasta
Black Basta Black Basta

2026-01-15 ⋅ Expel ⋅ AARON WALTON
Planned failure: Gootloader’s malformed ZIP actually works perfectly
GootLoader

2026-01-14 ⋅ Hunt.io ⋅ Hunt.io
Inside China’s Hosting Ecosystem: 18,000+ Malware C2 Servers Mapped Across Major ISPs

2026-01-14 ⋅ Trellix ⋅ Mallikarjun Wali, Mohideen Abdul Khader
Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe
DCRat

2026-01-13 ⋅ Medium @0xOZ ⋅ OZ
How to Get Scammed (by DPRK Hackers)
JADESNOW

2026-01-13 ⋅ LinkedIn (Majed Ali) ⋅ Majed Ali
Dissecting a Multi-Stage Malware Campaign: How Cracked Software's Delivers ViperSoftX
ViperSoftX

2026-01-12 ⋅ Securonix ⋅ Aaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos

2026-01-12 ⋅ ⋅ Cert-UA ⋅ Cert-UA
"Unreliable Fund": targeted cyberattacks UAC-0190 against SOU using PLUGGYAPE (CERT-UA#19092)
PLUGGYAPE Void Blizzard

2026-01-09 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

2026-01-08 ⋅ FBI ⋅ IC3
North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities

2026-01-07 ⋅ MalBeacon ⋅ MalBeacon
[Op Report] CastleRAT Campaign leads to Hands-on-Keyboard ATO Operations
NightshadeC2

2026-01-06 ⋅ Reversing Labs ⋅ Robert Simmons
Unpacking the packer ‘pkr_mtsi’
Broomstick Supper

2026-01-06 ⋅ Trellix ⋅ Aswath A
The Ghost in the Machine: Unmasking CrazyHunter's Stealth Tactics
CrazyHunter

2026-01-06 ⋅ TechCrunch ⋅ Zack Whittaker
Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software
pcTattletale

2026-01-05 ⋅ HudsonRock ⋅ InfoStealers
Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk

2025-12-30 ⋅ Botcrawl ⋅ Sean Doyle
Saudi Icon Data Breach Exposes 4.15TB in Alleged Kazu Ransomware Attack
Kazu

2025-12-30 ⋅ Koi Security ⋅ Gal Hachamov, Tuval Admoni
DarkSpectre: Unmasking the Threat Actor Behind 8.8 Million Infected Browsers
DarkSpectre ShadyPanda

2025-12-30 ⋅ US Department of Justice ⋅ Office of Public Affairs
Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
BlackCat BlackCat

2025-12-29 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
Active Spear-Phishing Campaign Targeting Israeli Security-Related Individuals — Infrastructure Linked to APT42 (Hashtag#CharmingKitten)

2025-12-23 ⋅ secpod ⋅ Santosh Sethuraman
Zero-Day Crisis: CVE-2025-20393 Unpatched on Cisco Email Gateways, Exploited by China-Linked Hackers
UAT-9686