Malpedia Library

Click here to download all references as Bib-File.•

2026-05-04 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
QLNX

2026-05-03 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski
Multi-stage malware delivery campaign using SEO poisoning and serverless infrastructure
AMOS

2026-05-01 ⋅ kmsec ⋅ Kieran Miyamoto
North Korea's abuse of Cloudflare Workers and Pages
PylangGhost

2026-04-30 ⋅ Kaspersky ⋅ Anna Lazaricheva, Anton Kargin, Victoria Vlasova, Vladimir Gursky
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
ABCDoor

2026-04-27 ⋅ Red Piranha ⋅ Red Piranha
Weekly Detected Threats - April 21 - April 27 2026
Lamashtu

2026-04-27 ⋅ Twitter (@suyog41) ⋅ Yogesh Londhe
Tweet about GeckoStealer
GeckoStealer

2026-04-23 ⋅ Sentinel LABS ⋅ Juan Andrés Guerrero-Saade, Vitaly Kamluk
fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet
fast16

2026-04-23 ⋅ bluecyber ⋅ Son Vu
MUSTANG PANDA × PLUGX - From deceptive LNK to multi-transport backdoor
PlugX

2026-04-23 ⋅ Mandiant ⋅ Josh Kelley, JP Glab, Muhammad Umair, Tufail Ahmed
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
SNOWBASIN UNC6692

2026-04-22 ⋅ Secure Blink ⋅ Secure Blink
Mustang Panda Strikes India and South Korea with Updated LOTUSLITE Backdoor in Espionage Campaign
LOTUSLITE

2026-04-22 ⋅ Ransom-ISAC ⋅ Alex Necula, Ellis Stannard
DragonBreath: Dragon in the Kernel
DragonBreath

2026-04-22 ⋅ Expel ⋅ Marcus Hutchins
Inside Lazarus: How North Korea uses AI to industrialize attacks on developers
BeaverTail OtterCookie InvisibleFerret HexagonalRodent

2026-04-21 ⋅ Trend Micro ⋅ Lucas Silva
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
BeaverTail JADESNOW OtterCookie InvisibleFerret

2026-04-20 ⋅ Twitter (@suyog41) ⋅ Yogesh Londhe
Tweet about LedgerChecker Stealer
LedgerChecker Stealer

2026-04-18 ⋅ Hexastrike Cybersecurity ⋅ Maurice Fielenbach
Cloned, Loaded, and Stolen: How 109 Fake GitHub Repositories Delivered SmartLoader and StealC
SmartLoader Stealc

2026-04-16 ⋅ zimperium ⋅ Fernando Ortega, Vishnu Pratapagiri
Android Bankers: 4 Campaigns In A Row
Mirax

2026-04-16 ⋅ YouTube (botconf eu) ⋅ Alexey Bukhteyev, Souhail Hammou
Chasing XLoader: Tracking a Notoriously Complex Malware Family at Scale
Xloader Formbook

2026-04-16 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, GridGuardGhoul
Tweet about SpankRat
SpankRAT

2026-04-16 ⋅ Darktrace ⋅ Calum Hall, Ryan Traill
Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems
ZionSiphon

2026-04-15 ⋅ Cyberdaily.au ⋅ David Hollingworth
Exclusive: Krybit hackers claim breach of New Zealand IT services provider
Krybit