Malpedia Library

Click here to download all references as Bib-File.•

2025-05-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
KrustyLoader SNOWLIGHT Vshell

2025-05-13 ⋅ Cisco Talos ⋅ Asheer Malhotra, Ashley Shen, Edmund Brumaghin, Vitor Ventura
Defining a new methodology for modeling and tracking compartmentalized threats

2025-05-13 ⋅ CSA ⋅ Ahmad Abdillah
Intrusion Insights Straight from Leaked Operator Chats
LockBit LockBit LockBit

2025-05-13 ⋅ Gdata ⋅ Chloe de Leon, Lovely Antonio
Sit, Fetch, Steal - Chihuahua Stealer: A new Breed of Infostealer
Chihuahua

2025-05-12 ⋅ Genians ⋅ Genians
Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)
RokRAT

2025-05-09 ⋅ Lumen ⋅ Chris Formosa, Ryan English
Classic Rock: Hunting a Botnet that preys on the Old

2025-05-09 ⋅ US Department of Justice ⋅ U.S. Attorney's Office, Northern District of Oklahoma
Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
TheMoon

2025-05-09 ⋅ Lumen ⋅ Black Lotus Labs
Classic Rock: Hunting a Botnet that preys on the Old

2025-05-08 ⋅ DataBreaches.net ⋅ @chum1ng0, Dissent
Negotiations with the Akira ransomware group: an ill-advised approach
Akira

2025-05-08 ⋅ Fortinet ⋅ Ran Mizrahi
Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware
Ratty

2025-05-08 ⋅ Forescout ⋅ Luca Barba, Sai Molige
Threat Analysis: SAP Vulnerability Exploited in the Wild by Chinese Threat Actor
Chaya_004

2025-05-07 ⋅ Europol ⋅ Europol
DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains

2025-05-07 ⋅ US Department of Justice ⋅ U.S. Attorney's Officea Northern District of Oklahoma
Case 4:25-cr-00160-JDR: Indictment of Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, Aleksandr Aleksandrovich Shishkin and Dmitriy Rubtsov
TheMoon

2025-05-07 ⋅ FBI ⋅ FBI
Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities
TheMoon

2025-05-07 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
APT35

2025-05-07 ⋅ NTT Security ⋅ Masaya Motoda, Rintaro Koike
Additional Features of OtterCookie Malware Used by WaterPlum
BeaverTail OtterCookie InvisibleFerret

2025-05-06 ⋅ Akamai ⋅ Kyle Lefton
Here Comes Mirai: IoT Devices RSVP to Active Exploitation
LZRD

2025-05-06 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
Telegram Tango: Dancing with a Scammer

2025-05-06 ⋅ NCSC Switzerland ⋅ NCSC Switzerland
Cybersecurity: Situation in Switzerland and internationally - Semi-Annual Report 2024/II

2025-05-05 ⋅ BleepingComputer ⋅ Lawrence Abrams
New "Bring Your Own Installer" EDR bypass used in ransomware attack