Malpedia Library

Click here to download all references as Bib-File.•

2026-04-23 ⋅ bluecyber ⋅ Son Vu
MUSTANG PANDA × PLUGX - From deceptive LNK to multi-transport backdoor
PlugX

2026-04-23 ⋅ Mandiant ⋅ Josh Kelley, JP Glab, Muhammad Umair, Tufail Ahmed
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
SNOWBASIN UNC6692

2026-04-22 ⋅ Secure Blink ⋅ Secure Blink
Mustang Panda Strikes India and South Korea with Updated LOTUSLITE Backdoor in Espionage Campaign
LOTUSLITE

2026-04-22 ⋅ Ransom-ISAC ⋅ Alex Necula, Ellis Stannard
DragonBreath: Dragon in the Kernel
DragonBreath

2026-04-22 ⋅ Expel ⋅ Marcus Hutchins
Inside Lazarus: How North Korea uses AI to industrialize attacks on developers
BeaverTail OtterCookie InvisibleFerret HexagonalRodent

2026-04-21 ⋅ Trend Micro ⋅ Lucas Silva
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
BeaverTail JADESNOW OtterCookie InvisibleFerret

2026-04-20 ⋅ Twitter (@suyog41) ⋅ Yogesh Londhe
Tweet about LedgerChecker Stealer
LedgerChecker Stealer

2026-04-18 ⋅ Hexastrike Cybersecurity ⋅ Maurice Fielenbach
Cloned, Loaded, and Stolen: How 109 Fake GitHub Repositories Delivered SmartLoader and StealC
SmartLoader Stealc

2026-04-16 ⋅ YouTube (botconf eu) ⋅ Alexey Bukhteyev, Souhail Hammou
Chasing XLoader: Tracking a Notoriously Complex Malware Family at Scale
Xloader Formbook

2026-04-16 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, GridGuardGhoul
Tweet about SpankRat
SpankRAT

2026-04-16 ⋅ Darktrace ⋅ Calum Hall, Ryan Traill
Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems
ZionSiphon

2026-04-15 ⋅ Cyberdaily.au ⋅ David Hollingworth
Exclusive: Krybit hackers claim breach of New Zealand IT services provider
Krybit

2026-04-15 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON, Thomas Brossard
Smoking Out an Affiliate: SmokedHam, Qilin, a few Google Ads and some Bossware
Qilin AgendaCrypt SMOKEDHAM

2026-04-15 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON, Thomas Brossard
Smoking Out an Affiliate: SmokedHam, Qilin, a few Google ads and some bossware
AgendaCrypt SMOKEDHAM

2026-04-14 ⋅ RedPacket Security ⋅ RedPacket Security
[KRYBIT] – Ransomware Victim: Hacked 0APT
Krybit

2026-04-13 ⋅ Dark Web Informer ⋅ Dark Web Informer
Polish Eco-Friendly Retailer VegeHome Suffers Data Breach Exposing 100K+ Customers
LulzIntel

2026-04-13 ⋅ khr0x
Tweet about HanGhost
HanGhost

2026-04-13 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, khr0x
Tweet about HanGhost

2026-04-13 ⋅ Dataminr ⋅ Tim Miller
Cyber Intel Brief: Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA)
Ababil of Minab

2026-04-12 ⋅ cocomelonc ⋅ cocomelonc
Mobile malware development trick 3. CPU info logger: anti-VM and anti-sandbox. Simple Android (Kotlin) example.