Malpedia Library

Click here to download all references as Bib-File.•

2025-02-12 ⋅ cyber.wtf blog ⋅ Hendrik Eckardt, Leonard Rapp
Unpacking Pyarmor v8+ scripts
AsyncRAT DCRat XWorm

2025-02-12 ⋅ Red Canary ⋅ Phil Hagen, Tony Lambert
Defying tunneling: A Wicked approach to detecting malicious network traffic
AsyncRAT DCRat NjRAT XWorm

2025-02-12 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
LocalOlive

2025-02-12 ⋅ Bleeping Computer ⋅ Bill Toulas
Surge in attacks exploiting old ThinkPHP and ownCloud flaws

2025-02-12 ⋅ The Hacker News ⋅ Ravie Lakshmanan
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

2025-02-11 ⋅ Sekoia ⋅ Pierre Le Bourhis
RATatouille: Cooking Up Chaos in the I2P Kitchen
Unidentified 118

2025-02-11 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Kalambur BACKORDER DCRat

2025-02-11 ⋅ Github (SecurityBlueTeam) ⋅ Security Blue Team
Smartloader Wireshark plugin
SmartLoader

2025-02-11 ⋅ CyberSecurityNews ⋅ Do Son
Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign
DCRat

2025-02-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Twitter Thread on a new Kimsuky tactic inciting admins to paste powershell

2025-02-10 ⋅ Cyfirma ⋅ cyfirma
Tracking Ransomware: January 2025
TRIPLESTRENGTH

2025-02-10 ⋅ HarfangLab ⋅ HarfangLab CTR
Further insights into Ivanti CSA 4.6 vulnerabilities exploitation
Godzilla Webshell Behinder

2025-02-08 ⋅ Github (@Jenderal92) ⋅ Jenderal92
Github Repository for Shin Webshell
php.shin_webshell

2025-02-07 ⋅ ⋅ SI-CERT ⋅ SI-CERT
SI-CERT TZ016 / BeaverTail & InvisibleFerret
BeaverTail InvisibleFerret

2025-02-06 ⋅ Hunt.io ⋅ Hunt.io
SmokeLoader Malware Found in Open Directories Targeting Ukraine’s Auto & Banking Industries
SmokeLoader

2025-02-06 ⋅ Securi ⋅ Puja Srivastava
Google Tag Manager Skimmer Steals Credit Card Info From Magento Site
magecart

2025-02-06 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Code injection attacks using publicly disclosed ASP.NET machine keys

2025-02-05 ⋅ cyble ⋅ Cyble
Stealthy Attack: Dual Injection Undermines Chrome’s App-Bound Encryption

2025-02-05 ⋅ Bitdefender ⋅ Alina Bizga, Andrei ANTON-AANEI
Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
tsunami

2025-02-04 ⋅ Hunt.io ⋅ Hunt.io
GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains
GreenSpot