Malpedia Library

Click here to download all references as Bib-File.•

2025-02-04 ⋅ Trend Micro ⋅ Peter Girnus
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
SmokeLoader

2025-02-03 ⋅ SentinelOne ⋅ Phil Stokes, Tom Hegel
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
FlexibleFerret FriendlyFerret FrostyFerret

2025-02-03 ⋅ TEHTRIS ⋅ Lefebvre Fabien, Pezier Pierre-Henri
LegionLoader exposed
Satacom

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-02-01 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of AES encryption and writing of a Unit (PART 2)
Emmenhtal

2025-01-31 ⋅ ConnectWise ⋅ Blake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed

2025-01-30 ⋅ Recorded Future ⋅ Insikt Group
TAG-124’s Multi-Layered TDS Infrastructure and Extensive User Base
Rhysida KongTuke MintsLoader Broomstick Remcos Rhysida WarmCookie

2025-01-30 ⋅ Recorded Future ⋅ Insikt Group
TAG-124’s Multi-Layered TDS Infrastructure and Extensive User Base
TAG-124

2025-01-30 ⋅ eSentire ⋅ eSentire
Ongoing Email Bombing Campaigns leading to Remote Access and Post-Exploitation
Black Basta ReedBed UNC4393

2025-01-30 ⋅ Bitdefender ⋅ Martin Zugec
UAC-0063: Cyber Espionage Operation Expanding from Central Asia
HATVIBE

2025-01-30 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Backdoor found in two healthcare patient monitors, linked to IP in China

2025-01-30 ⋅ CISA ⋅ CISA
Contec CMS8000 Contains a Backdoor
CMS8000 Backdoor

2025-01-30 ⋅ Department of Justice ⋅ U.S. Attorney's Office Southern District of Texas
Cybercrime websites selling hacking tools to transnational organized crime groups seized

2025-01-30 ⋅ RevEng.AI ⋅ RevEng.AI
One ClickFix and LummaStealer reCAPTCHA’s Our Attention - Part 1
Lumma Stealer

2025-01-30 ⋅ ⋅ Intrinsec ⋅ CTI Intrinsec
Telegram Stories: voice spoofers, tools and operating modes

2025-01-29 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret

2025-01-29 ⋅ Socket ⋅ Kirill Boychenko, Peter van der Zee
North Korean APT Lazarus Targets Developers with Malicious npm Package
BeaverTail InvisibleFerret

2025-01-29 ⋅ Google ⋅ Conor Quigley, Luke Jenkins, Nino Isakovic
ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator
POISONPLUG ShadowPad SNAPPYBEE

2025-01-28 ⋅ Group-IB ⋅ Nikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx

2025-01-28 ⋅ Twitter (@anyrun_app) ⋅ ANY.RUN
Tweet on Linux version of SystemBC
SystemBC