Malpedia Library

Click here to download all references as Bib-File.•

2025-04-21 ⋅ Trellix ⋅ Mohideen Abdul Khader
Unmasking the Evolving Threat: A Deep Dive into the Latest Version of Lumma InfoStealer with Code Flow Obfuscation
Lumma Stealer

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ IBM X-Force ⋅ IBM Security X-Force Team
IBM X-Force 2025 Threat Intelligence Index

2025-04-11 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Threat Spotlight: Hijacked and Hidden: New Backdoor and Persistence Technique

2025-04-10 ⋅ Symantec ⋅ Threat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine

2025-04-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Exploitation of CLFS zero-day leads to ransomware activity
RansomEXX Storm-2460

2025-04-03 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249

2025-04-03 ⋅ Mandiant ⋅ Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE

2025-04-03 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-03-28 ⋅ ThreatFabric ⋅ ThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus

2025-03-27 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
A Phishing Tale of DoH and DNS MX Abuse

2025-03-26 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
The Long and Short(cut) of It: KoiLoader Analysis
Koi Loader

2025-03-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Raton / Silly - Remote Access Trojan | Technical Malware Analysis Report
AsyncRAT

2025-03-13 ⋅ Securonix ⋅ Den Iyzvyk, Tim Peck
Analyzing OBSCURE#BAT Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
Quasar RAT r77

2025-03-13 ⋅ Linkedin (ThreatMon) ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Chrome DLL Manipulation Attack Exposed

2025-03-12 ⋅ Red Canary ⋅ Red Canary
2025 Threat Detection Report
HijackLoader Lumma Stealer NetSupportManager RAT

2025-03-11 ⋅ Cato Networks ⋅ Matan Mittleman, Ofek Vardi
Cato CTRL Threat Research: Ballista – New IoT Botnet Targeting Thousands of TP-Link Archer Routers
Ballista

2025-03-11 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
New Ermac Variant - Android Banking Trojan & Botnet
ERMAC

2025-03-07 ⋅ Proofpoint ⋅ Ole Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice