2025-04-09 | NCSC UK | ASD, BND, Bundesamt für Verfassungsschutz, Canadian Centre for Cyber Security (CCCS), FBI, NCSC UK, New Zealand National Cyber Security Centre (NZ NCSC), NSA
Advisory: BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors
badbazaar
2025-04-08 | Microsoft | Microsoft Threat Intelligence
Exploitation of CLFS zero-day leads to ransomware activity
RansomEXX Storm-2460
2025-04-08 | Trustwave | Nikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta
2025-04-08 | Seqrite | Sathwik Ram Prakki
Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks
CurlBack RAT XenoRAT
2025-04-08 | Hunt.io | Hunt.io
State-Sponsored Tactics: How Gamaredon and ShadowPad Operate and Rotate Their Infrastructure
ShadowPad
2025-04-07 | SOC Prime | Veronika Telychko
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
GIFTEDCROOK UAC-0219 UAC-0226
2025-04-06 | Cert-UA | Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226
2025-04-05 | The Record | James Reddick
Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges
2025-04-04 | The Hacker News | Ravie Lakshmanan
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
Rugmi
2025-04-04 | Socket | Socket
Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads
BeaverTail InvisibleFerret
2025-04-03 | SOC Prime | Veronika Telychko
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
WRECKSTEEL UAC-0219
2025-04-03 | Microsoft | Microsoft Threat Intelligence
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249
2025-04-03 | Mandiant | Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-04-03 | ThreatMon | Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report
2025-04-02 | ANALYST1 | analyst1
Inside BlackBasta: Actor Profiles, Extortion Tactics & Finances
Black Basta Black Basta
2025-04-02 | BushidoToken | BushidoToken
Tracking Adversaries: EvilCorp, the RansomHub affiliate
RansomHub
2025-04-02 | Intel 471 | Intel 471
An in-depth look at Black Basta's TTPs
Black Basta Black Basta
2025-04-01 | Hunt.io | Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid
2025-04-01 | Cert-UA | Cert-UA
UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL (CERT-UA#14283)
WRECKSTEEL UAC-0219 UAC-0226
2025-04-01 | ZW01f | Mohamed Ezat
Auto-color - Linux backdoor
Auto-Color