Malpedia Library

Click here to download all references as Bib-File.•

2026-05-26 ⋅ Intrinsec ⋅ CTI Intrinsec, David Sardinha
Pivoting on a malspam infrastructure delivering JS malware backed by bulletproof networks

2026-05-24 ⋅ cocomelonc ⋅ cocomelonc
Malware shellcode delivery via signal - part 1. FSK Basics. Simple python script

2026-05-22 ⋅ Fox-IT ⋅ Mick Koomen, Yun Zheng Hu
RemotePE: The Lazarus RAT that lives in memory
DPAPILoader RemotePE

2026-05-22 ⋅ Check Point ⋅ Checkpoint Research
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
MiniFast

2026-05-22 ⋅ Trend Micro ⋅ Kazuki Fujisawa
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
BeaverTail InvisibleFerret

2026-05-21 ⋅ PWC ⋅ PwC Threat Intelligence
Inside Red Lamassu’s JFMBackdoor
JFMBackdoor Calypso

2026-05-20 ⋅ Seqrite Labs ⋅ Dixit Panchal, Kartik Jivani, Vaibhav Krushna Billade
Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure
Cobalt Strike

2026-05-20 ⋅ Hackernoon ⋅ Mrwriteup
ZeffSec Resurfaces on Telegram, Claims Breach of Gozine2.ir
ZeffSec

2026-05-20 ⋅ K7 Security ⋅ Srinivasan E
Fake Microsoft Teams download sites are being used to deliver ValleyRAT via DLL sideloading
ValleyRAT

2026-05-19 ⋅ Trend Micro ⋅ Aldrin Ceriola, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
Banana RAT SHADOW-WATER-063

2026-05-18 ⋅ Microsoft ⋅ Microsoft Defender Security Research Team
How Storm-2949 turned a compromised identity into a cloud-wide breach
Storm-2949

2026-05-18 ⋅ Zynap ⋅ Oscar Gallego
Zynap’s Next-Gen Sandbox Redefines Automatic Malware Analysis
Black Basta HijackLoader

2026-05-18 ⋅ Gen Threat Labs ⋅ Gen Threat Labs
X.com - Gen Threat Labs - AuraStealer (version 1.8.0)
Aura Stealer

2026-05-17 ⋅ Github (zanez) ⋅ Irvin Martínez González
Analysis on Malware that attacks Israel's Water treatment facilities
ZionSiphon

2026-05-16 ⋅ Derp ⋅ Matt Kirkland
Vidar v1.5 in Go: same family, new language, heavy sandbox checks
Vidar

2026-05-14 ⋅ ESET Research ⋅ ESET Research
FrostyNeighbor: Fresh mischief and digital shenanigans
Cobalt Strike PicassoLoader

2026-05-14 ⋅ ANY.RUN ⋅ Moises Cerqueira
LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
Agent Tesla

2026-05-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Kazuar: Anatomy of a nation-state botnet
Kazuar

2026-05-13 ⋅ HarfangLab ⋅ HarfangLab CTR
Gamaredon’s infection chain: Spoofed emails, GammaDrop and GammaLoad
GammDrop GammaLoad

2026-05-13 ⋅ Check Point Research ⋅ Checkpoint Research
THUS SPOKE…THE GENTLEMEN
Gentlemen