Malpedia Library

Click here to download all references as Bib-File.•

2025-09-18 ⋅ Hunt.io ⋅ Hunt.io
Tracking AsyncRAT via Trojanized ScreenConnect and Open Directories
AsyncRAT

2025-09-18 ⋅ Lumen ⋅ Black Lotus Labs
SystemBC – Bringing the Noise
SystemBC SystemBC

2025-09-17 ⋅ Bitdefender ⋅ Bogdan Zavadovschi
EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company

2025-09-17 ⋅ Morado ⋅ Jayden Palacios
GLOBAL Ransomware - New Tactics Revealed
Global

2025-09-16 ⋅ Wiz.io ⋅ Barak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud

2025-09-15 ⋅ DeXpose ⋅ M4lcode
Threat Actor Profile: APT27

2025-09-15 ⋅ Qianxin ⋅ Acey9, Alex.Turing, Wang Hao
The Most Powerful Ever? Inside the 11.5Tbps-Scale Mega Botnet AISURU
Aisuru

2025-09-14 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 28. CertPropSvc registry hijack. Simple C/C++ example

2025-09-12 ⋅ Medium (@zyadlzyatsoc) ⋅ Zyad Elzyat
XWorm Malware Analysis: SOC & IR Perspective on Persistence, C2, and Anti-Analysis Tactics
XWorm

2025-09-11 ⋅ IBM X-Force ⋅ Golo Mühr, Joshua Chung
Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm
PUBLOAD SnakeDisk TONESHELL Yokai

2025-09-11 ⋅ Zero Day ⋅ Kim Zetter, Visi Stark
How the Infamous APT-1 Report Exposing China’s PLA Hackers Came to Be

2025-09-11 ⋅ Trend Micro ⋅ Armando Nathaniel Pedragoza, Emmanuel Panopio, Emmanuel Roll, Jeffrey Francis Bonaobra, Joshua Aquino, Joshua Lijandro Tsang, Marco Dela Vega, Melvin Singwa, Mohammed Malubay
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
TamperedChef

2025-09-11 ⋅ DataBreaches.net ⋅ Dissent
Going Dark: ShinyHunters/ScatteredSpider/LAPSUS$ Say Goodbye (2)

2025-09-10 ⋅ Hunt.io ⋅ Hunt.io
AdaptixC2 Uncovered: Capabilities, Tactics & Hunting Strategies
AdaptixC2

2025-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ Itay Cohen, Ofek Lahiani
AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks
AdaptixC2

2025-09-09 ⋅ Huntress Labs ⋅ Jamie Levy, Lindsey O'Donnell-Welch, Michael Tigges
How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations

2025-09-08 ⋅ Fortinet ⋅ Yurren Wan
MostereRAT Deployed AnyDesk/TightVNC for Covert Full Access
MostereRAT

2025-09-08 ⋅ Zscaler ⋅ Seongsu Park
APT37 Targets Windows with Rust Backdoor and Python Loader
Rustonotto

2025-09-07 ⋅ ⋅ 360 ⋅ 360
APT-C-53 (Gamaredon) Attacks on Ukrainian Government Functions
Pteranodon

2025-09-07 ⋅ Hexastrike Cybersecurity ⋅ Maurice Fielenbach
ValleyRAT Exploiting BYOVD to Kill Endpoint Security
ValleyRAT