Malpedia Library

Click here to download all references as Bib-File.•

2025-09-04 ⋅ Seqrite ⋅ Sathwik Ram Prakki, Subhajeet Singha
Operation BarrelFire: NoisyBear targets entities linked to Kazakhstan’s Oil & Gas Sector.
Meterpreter

2025-09-04 ⋅ Recorded Future ⋅ Insikt Group
From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure
NightshadeC2

2025-09-04 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Kenneth Kinion, Sreekar Madabushi
Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms
ContagiousDrop

2025-09-04 ⋅ The Register ⋅ Iain Thomson
US puts $10M bounty on three Russians accused of attacking critical infrastructure

2025-09-04 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
New Botnet Emerges from the Shadows: NightshadeC2
NightshadeC2 NightshadeC2

2025-09-04 ⋅ Twitter (@Laughing_Mantis) ⋅ Greg Linares
Tweet on similarity between GONEPOSTAL/NotDoor and Cordyceps
GONEPOSTAL

2025-09-03 ⋅ Recorded Future ⋅ Insikt Group
Russian Influence Assets Converge on Moldovan Elections
Storm-1516

2025-09-03 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT

2025-09-03 ⋅ Proofpoint ⋅ Kyle Cucci, Proofpoint Threat Research Team, Rob Kinner
Not Safe for Work: Tracking and Investigating Stealerium and Phantom Infostealers
Phantom Stealer

2025-09-03 ⋅ Lab52 ⋅ Lab52
Analyzing NotDoor: Inside APT28’s Expanding Arsenal
GONEPOSTAL

2025-09-03 ⋅ Reverse The Malware ⋅ Diyar Saadi
Dropper and Downloader : What is the difference ?

2025-09-02 ⋅ At-Bay ⋅ Aaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida

2025-09-02 ⋅ Hunt.io ⋅ Hunt.io
From Panel to Payload: Inside the TinyLoader Malware Operation
XTinyLoader

2025-09-02 ⋅ BitSight ⋅ Pedro Umbelino
RapperBot: From Infection to DDoS in a Split Second
RapperBot

2025-09-02 ⋅ Reverse The Malware ⋅ Diyar Saadi
Agent and Malware: What is the difference?

2025-09-01 ⋅ Fox-IT ⋅ Mick Koomen, Yun Zheng Hu
Three Lazarus RATs coming for your cheese
ThemeForestRAT

2025-09-01 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 11: bind shell for ARM (M1). Simple Assembly (M1) and C (run shellcode) examples

2025-08-31 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 3 - Weaponised Python Stage (Stage 5)
PXA Stealer

2025-08-29 ⋅ Amazon ⋅ CJ Moses
Amazon disrupts watering hole campaign by Russia’s APT29

2025-08-29 ⋅ Nextron Systems ⋅ Pezier Pierre-Henri
Sindoor Dropper: New Phishing Campaign
Sindoor