Malpedia Library

2025-03-12 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Golang backdoor with a side of ChromeUpdateAlert App

2025-03-12 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Initial Analysis of Black Basta Chat Leaks
Black Basta Black Basta

2025-03-12 ⋅ YouTube (John Hammond) ⋅ John Hammond
LEAKED Russian Hackers Internal Chats
Black Basta Black Basta

2025-03-12 ⋅ Mandiant ⋅ Frank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
tsh

2025-03-12 ⋅ Lookout ⋅ Lookout
Lookout Discovers New Spyware by North Korean APT37
KoSpy

2025-03-11 ⋅ Cato Networks ⋅ Matan Mittleman, Ofek Vardi
Cato CTRL Threat Research: Ballista – New IoT Botnet Targeting Thousands of TP-Link Archer Routers
Ballista

2025-03-11 ⋅ Juniper Networks ⋅ Cybersecurity R&D
The RedPenguin Malware Incident
tsh

2025-03-11 ⋅ Github (prodaft) ⋅ PRODAFT
IOCs for Anubis Backdoor
Anubis Backdoor

2025-03-11 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
AsyncRAT NjRAT Quasar RAT Remcos

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-11 ⋅ Kaspersky Labs ⋅ AMR
DCRat backdoor returns
DCRat

2025-03-11 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
New Ermac Variant - Android Banking Trojan & Botnet
ERMAC

2025-03-10 ⋅ LevelBlue ⋅ Ken Ng
Prevent, Detect, Contain: LevelBlue MDR’s Guide Against Black Basta Affiliates’ Attacks
Black Basta Black Basta ReedBed

2025-03-10 ⋅ Check Point Research ⋅ Check Point Research
Blind Eagle: …And Justice for All
Remcos

2025-03-10 ⋅ Socket ⋅ Kirill Boychenko
Lazarus Strikes npm Again with New Wave of Malicious Packages

2025-03-07 ⋅ Fortinet ⋅ Faisal Abdul Malik Qureshi, Fred Gutierrez, Hossein Jazi, John Simmons, Mark Robson, Said Wali, Xiaopeng Zhang
Investigating Iranian Intrusion into Strategic Middle East Critical Infrastructure
Havoc

2025-03-07 ⋅ Proofpoint ⋅ Ole Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice

2025-03-07 ⋅ MalwareAnalysisSpace ⋅ Seeker
Akira Ransomware Expands to Linux: the attacking abilities and strategies
Akira

2025-03-06 ⋅ Aryaka Networks ⋅ Aditya K. Sood
Snake Infostealer: A Look into Data Exfiltration via SMTP
404 Keylogger

2025-03-06 ⋅ ⋅ Orange Cyberdefense ⋅ Orange Cyberdefense
Dossier Bybit : Le plus gros hack de l’histoire de la finance