Malpedia Library

Click here to download all references as Bib-File.•

2025-06-16 ⋅ Trend Micro ⋅ Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

2025-06-15 ⋅ Positive Technologies ⋅ Stanislav Pyzhov, Vladislav Lunin
Team46 and TaxOff: two sides of the same coin
Cobalt Strike

2025-06-14 ⋅ K7 Security ⋅ Uma Madasamy
SpectraRansomware
Chaos

2025-06-14 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SalatStealer
SalatStealer

2025-06-13 ⋅ Twitter (@luc4m) ⋅ Luca Mella
Tweet on PXA Stealer targeting Italy
PXA Stealer

2025-06-13 ⋅ Recorded Future ⋅ Recorded Future
GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT
PowerNet

2025-06-13 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about APT27 SysUpdate activity
HyperSSL HyperSSL

2025-06-13 ⋅ Recorded Future ⋅ Insikt Group
GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT
EugenLoader POWERTRASH NetSupportManager RAT

2025-06-12 ⋅ Aikido ⋅ Charlie Eriksen
A deeper look into the threat actor behind the react-native-aria attack
JADESNOW

2025-06-12 ⋅ Check Point Research ⋅ Check Point
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
AsyncRAT Skuld

2025-06-12 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
Vexing and Vicious: The Eerie Relationship between WordPress Hackers and an Adtech Cabal
DollyWay

2025-06-12 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

2025-06-12 ⋅ Symantec ⋅ Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog

2025-06-12 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 1: stealing data via legit Telegram API. Simple C example

2025-06-11 ⋅ Interpol ⋅ Interpol
20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown

2025-06-10 ⋅ Twitter (@threatinsight) ⋅ Threat Insight
Tweet regarding Aurotun / MonsterV2
MonsterV2

2025-06-10 ⋅ Check Point Research ⋅ Check Point Research
CVE-2025-33053, Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
Horus

2025-06-10 ⋅ abuse.ch
MalwareBazaar | SHA256 73fd51d4a0959e5c5a82db9be0d765069d02a2b97f51f55f5d6422a7bec01caa (AmateraStealer)
Amatera

2025-06-09 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Tom Hegel
Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
GOREshell Nimbo-C2 ShadowPad

2025-06-09 ⋅ Netresec ⋅ Erik Hjelmvik
Detecting PureLogs traffic with CapLoader
PureLogs Stealer