Malpedia Library

Click here to download all references as Bib-File.•

2025-10-22 ⋅ Cyderes ⋅ Rahul Ramesh
Chrome Installer Impersonation Campaign Targets China-Based Victims with ValleyRAT Trojan
BlindEDR ValleyRAT

2025-10-21 ⋅ HarfangLab ⋅ HarfangLab CTR
RudePanda owns IIS servers like it's 2003
TOLLBOOTH

2025-10-21 ⋅ Elastic ⋅ Andrew Pease, Braxton Williams, Daniel Stepanic, Jia Yu Chan, Salim Bitam, Seth Goodwin
TOLLBOOTH: What's yours, IIS mine
TOLLBOOTH

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Medium Deriv-Tech ⋅ Shantanu Ghumade
How a fake AI recruiter delivers five staged malware disguised as a dream job
BeaverTail OtterCookie InvisibleFerret

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz

2025-10-18 ⋅ Koi Security ⋅ Idan Dardikman
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
GlassWorm

2025-10-18 ⋅ Medium 0xzyadelzyat ⋅ Zyad Elzyat
PureLogs Stealer: Complete Malware Analysis & CTF Walkthrough
PureLogs Stealer

2025-10-16 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
Lumma Stealer

2025-10-16 ⋅ Hunt.io ⋅ Hunt.io
Odyssey Stealer and AMOS Campaign Targets macOS Developers Through Fake Tools
AMOS

2025-10-16 ⋅ Swisscom B2B CSIRT ⋅ Matthieu Gras, Swisscom B2B CSIRT
Swisscom TDR Intel Brief - Acreed: On-Chain C2 Evolution
ACR Stealer

2025-10-16 ⋅ Mandiant ⋅ Blas Kojusner, Joseph Dobson, Robert Wallace
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains
JADESNOW

2025-10-16 ⋅ Cisco Talos ⋅ Michael Kelley, Vanja Svajcer
BeaverTail and OtterCookie evolve with a new Javascript module
BeaverTail OtterCookie InvisibleFerret

2025-10-15 ⋅ Symantec ⋅ Threat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia

2025-10-15 ⋅ David Dodda ⋅ Dvaid Dodda
How I Almost Got Hacked By A 'Job Interview'
OtterCookie

2025-10-15 ⋅ Kaspersky ⋅ Noushin Shabab, Ye Jin
Mysterious Elephant: a growing threat
Remcos

2025-10-15 ⋅ NTT ⋅ Rintaro Koike
OtterCandy, malware used by WaterPlum
OtterCandy

2025-10-15 ⋅ Trend Micro ⋅ Dove Chiu, Lucien Chuang
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits