Malpedia Library

Click here to download all references as Bib-File.•

2026-01-20 ⋅ FalconFeeds ⋅ FalconFeeds
Inside Iran’s APT Network: Profiling the Most Active Iranian State‑Linked Threat Actors

2026-01-20 ⋅ Jamf Blog ⋅ Thijs Xhaflaire
Threat Actors Expand Abuse of Microsoft Visual Studio Code

2026-01-19 ⋅ Swiss Post Cybersecurity ⋅ Louis Schürmann
Don't Judge a PNG by Its Header: PURELOGS Infostealer Analysis
PureLogs Stealer

2026-01-19 ⋅ AhnLab ⋅ ASEC
Proxyware Disguised as Notepad++ Tool
Larva‑25012

2026-01-19 ⋅ OpenSourceMalware ⋅ Paul McCarty
Contagious Interview gets an upgrade for 2026 - A comprehensive analysis by OpenSourceMalware
OtterCandy

2026-01-18 ⋅ malware source code ⋅ smelly
Smokest Stealer, a new malware family? Maybe?
Smokest Stealer

2026-01-16 ⋅ WithSecure ⋅ Mohammad Kazem Hassan Nejad
To the past and beyond: Andariel’s latest arsenal and cyberattacks
GopherRAT JelusRAT PetitPotato

2026-01-16 ⋅ sysdig ⋅ Sysdig Threat Research Team
VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits
VoidLink

2026-01-15 ⋅ CyberArk ⋅ Ari Novick
UNO reverse card: stealing cookies from cookie stealers
Stealc

2026-01-15 ⋅ ANALYST1 ⋅ Anastasia Sentsova
Infrastructure in the Shadows: How Two Leaks Unmasked the Criminal Network of Yalishanda aka Media Land, and BlackBasta
Black Basta Black Basta

2026-01-15 ⋅ Sansec ⋅ Sansec Forensics Team
Keylogger targets 200,000+ employees at major US bank

2026-01-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-8837 targets critical infrastructure sectors in North America
Earthworm Rubeus SharpHound SharpWMI UAT-8837

2026-01-15 ⋅ Expel ⋅ AARON WALTON
Planned failure: Gootloader’s malformed ZIP actually works perfectly
GootLoader

2026-01-14 ⋅ Jamf Blog ⋅ Nir Avraham, Shen Yuan
Predator's kill switch: undocumented anti-analysis techniques in iOS spyware
Predator

2026-01-14 ⋅ R136a1 ⋅ Dominik Reichel
COMmand & Evade: Turla's Kazuar v3 Loader
Kazuar

2026-01-14 ⋅ Hunt.io ⋅ Hunt.io
Inside China’s Hosting Ecosystem: 18,000+ Malware C2 Servers Mapped Across Major ISPs

2026-01-14 ⋅ Trellix ⋅ Mallikarjun Wali, Mohideen Abdul Khader
Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe
DCRat

2026-01-14 ⋅ S2W Inc. ⋅ Byeongyeol An
Detailed Analysis of DragonForce Ransomware
DragonForce

2026-01-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

2026-01-13 ⋅ Medium @0xOZ ⋅ OZ
How to Get Scammed (by DPRK Hackers)
JADESNOW