Malpedia Library

Click here to download all references as Bib-File.•

2025-11-04 ⋅ Twitter (@nextronresearch) ⋅ Nextron Threat Research Team
Tweet about BQT ransomware on Linux
BQTlock

2025-11-03 ⋅ Seqrite ⋅ Sathwik Ram Prakki, Subhajeet Singha
Operation Peek-a-Baku: Silent Lynx APT makes sluggish shift to Dushanbe
Laplas (Reverseshell) SilentSweeper

2025-11-02 ⋅ Symantec ⋅ Broadcom, Symantec
Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM
Agent Tesla

2025-10-31 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Operation SkyCloak: Tor Campaign targets Military of Russia & Belarus

2025-10-31 ⋅ Expel ⋅ AARON WALTON
Certified OysterLoader: Tracking Rhysida ransomware gang activity via code-signing certificates
Broomstick

2025-10-29 ⋅ Qianxin ⋅ Acey9, Alex.Turing
Smoking Gun Uncovered: RPX Relay at PolarEdge’s Core Exposed
PolarEdge

2025-10-28 ⋅ ThreatFabric ⋅ ThreatFabric
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection

2025-10-22 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad

2025-10-22 ⋅ SentinelOne ⋅ Tom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess

2025-10-22 ⋅ Cyderes ⋅ Rahul Ramesh
Chrome Installer Impersonation Campaign Targets China-Based Victims with ValleyRAT Trojan
BlindEDR ValleyRAT

2025-10-21 ⋅ Elastic ⋅ Andrew Pease, Braxton Williams, Daniel Stepanic, Jia Yu Chan, Salim Bitam, Seth Goodwin
TOLLBOOTH: What's yours, IIS mine
TOLLBOOTH

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz

2025-10-18 ⋅ Twitter (@ThreatrayLabs) ⋅ Threatray Labs
Tweet on Kimsuky activity with loaders delivering HttpSpy and HttpTroy
NikiTeaR

2025-10-18 ⋅ Koi Security ⋅ Idan Dardikman
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
GlassWorm

2025-10-18 ⋅ Medium 0xzyadelzyat ⋅ Zyad Elzyat
PureLogs Stealer: Complete Malware Analysis & CTF Walkthrough
PureLogs Stealer

2025-10-16 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
Lumma Stealer

2025-10-16 ⋅ Swisscom B2B CSIRT ⋅ Matthieu Gras, Swisscom B2B CSIRT
Swisscom TDR Intel Brief - Acreed: On-Chain C2 Evolution
ACR Stealer