Malpedia Library

Click here to download all references as Bib-File.•

2025-08-19 ⋅ IBM X-Force ⋅ Raymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader

2025-08-19 ⋅ Red Canary ⋅ Chris Brook, Christina Johns, Tyler Edmonds
Patching for persistence: How DripDropper Linux malware moves through the cloud

2025-08-18 ⋅ Trellix ⋅ Alex Lanstein, Pham Duy Phuc
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
XenoRAT

2025-08-18 ⋅ Medium RaghavtiResearch ⋅ BeGoodToAll
Qilin Ransomware-as-a-Service: Threat Analysis and Strategic Outlook
Qilin AgendaCrypt

2025-08-15 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example.

2025-08-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill UAT-7237

2025-08-15 ⋅ Bleeping Computer ⋅ Bill Toulas
Colt Telecom attack claimed by WarLock ransomware, data up for sale
WarLock

2025-08-14 ⋅ ⋅ Secui ⋅ Secui
Threat Trends Report, Week 2 of August 2025
Charon

2025-08-14 ⋅ Censys ⋅ Himaja Motheram
2025 State of the Internet: Digging into Residential Proxy Infrastructure
PolarEdge

2025-08-13 ⋅ Intezer ⋅ Nicole Fishbein
Threat Bulletin: Fire in the Woods – A New Variant of FireWood
FireWood

2025-08-13 ⋅ Gdata ⋅ Karsten Hahn
JustAskJacky: AI causes a Trojan Horse Comeback
TamperedChef

2025-08-12 ⋅ NVISO Labs ⋅ Efstratios Lontzetidis
Shedding Light on PoisonSeed’s Phishing Kit
PoisonSeed

2025-08-12 ⋅ Bitdefender ⋅ Victor Vrabie
Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds Victor Vrabie
RMS Curly COMrades

2025-08-12 ⋅ The New York Times ⋅ Adam Goldman, Glenn Thrush, Mattathias Schwartz
Russia Is Suspected to Be Behind Breach of Federal Court Filing System

2025-08-12 ⋅ bluecyber ⋅ Khắc Minh
Analysis of a ClickFix malware attack
Vidar

2025-08-12 ⋅ Netresec ⋅ Erik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT

2025-08-11 ⋅ ESET Research ⋅ Anton Cherepanov, Damien Schaeffer, Peter Strýček
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
dynamichttp

2025-08-11 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 49: abusing Azure DevOps REST API for covert data channels. Simple C examples.
AllaKore

2025-08-10 ⋅ DEFCON 33 ⋅ Seongsu Park
Blurred Lines of Cyber Threat Attribution: The Evolving Tactics of North Korean Cyber Threat Actors

2025-08-08 ⋅ Koi Security ⋅ Tuval Admoni
GreedyBear: 650 Attack Tools, One Coordinated Campaign
GreedyBear