Malpedia Library

Click here to download all references as Bib-File.•

2025-10-30 ⋅ Gen Digital ⋅ Alexandru-Cristian Bardaș
DPRK’s Playbook: Kimsuky’s HttpTroy and Lazarus’s New BLINDINGCAN Variant
ComeBacker DRATzarus NikiTeaR

2025-10-30 ⋅ Twitter (@DarkWebInformer) ⋅ Dark Web Informer
Tweet about Aisuru C2 being on top of Cloudflare Radar / Top100 domain
Aisuru

2025-10-29 ⋅ Qianxin ⋅ Acey9, Alex.Turing
Smoking Gun Uncovered: RPX Relay at PolarEdge’s Core Exposed
PolarEdge

2025-10-28 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Aisuru Botnet Shifts from DDoS to Residential Proxies
Aisuru

2025-10-28 ⋅ ThreatFabric ⋅ ThreatFabric
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection

2025-10-28 ⋅ Kaspersky ⋅ Omar Amin, Sojun Ryu
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

2025-10-27 ⋅ BartBlaze
Earth Estries alive and kicking

2025-10-27 ⋅ Kaspersky ⋅ Boris Larin
Mem3nt0 mori – The Hacking Team is back!
Dante

2025-10-25 ⋅ MandarNaik016 ⋅ Mandar Naik
Malware Analysis - VIP Keylogger - Part 2
VIP Keylogger

2025-10-23 ⋅ ESET Research ⋅ Alexis Rapin, Peter Kálnai
Gotta fly: Lazarus targets the UAV sector
BURNBOOK QuanPinLoader ScoringMathTea

2025-10-23 ⋅ Twitter (@salmanvsf) ⋅ Salman Shaikh
Tweet about Discovery of Smile PaaS admin panel

2025-10-22 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad

2025-10-22 ⋅ SentinelOne ⋅ Tom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess

2025-10-22 ⋅ Cyderes ⋅ Rahul Ramesh
Chrome Installer Impersonation Campaign Targets China-Based Victims with ValleyRAT Trojan
BlindEDR ValleyRAT

2025-10-21 ⋅ HarfangLab ⋅ HarfangLab CTR
RudePanda owns IIS servers like it's 2003
TOLLBOOTH

2025-10-21 ⋅ Elastic ⋅ Andrew Pease, Braxton Williams, Daniel Stepanic, Jia Yu Chan, Salim Bitam, Seth Goodwin
TOLLBOOTH: What's yours, IIS mine
TOLLBOOTH

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Medium Deriv-Tech ⋅ Shantanu Ghumade
How a fake AI recruiter delivers five staged malware disguised as a dream job
BeaverTail OtterCookie InvisibleFerret

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW