2025-09-09 · S2W Inc. · S2W TALON
Kimsuky’s Use of GitHub for Malware Delivery and Exfiltration
RandomQuery
2025-09-09 · Huntress Labs · Jamie Levy, Lindsey O'Donnell-Welch, Michael Tigges
How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations
2025-09-09 · ThreatFabric · ThreatFabric
The Rise of RatOn: From NFC heists to remote control and ATS
RatOn
2025-09-08 · Fortinet · Yurren Wan
MostereRAT Deployed AnyDesk/TightVNC for Covert Full Access
MostereRAT
2025-09-08 · Silent Push · Silent Push
Salt Typhoon and UNC4841: Silent Push Discovers New Domains; Urges Defenders to Check Telemetry and Log Data
2025-09-08 · Zscaler · Seongsu Park
APT37 Targets Windows with Rust Backdoor and Python Loader
Rustonotto
2025-09-07 · 360 · 360
APT-C-53 (Gamaredon) Attacks on Ukrainian Government Functions
Pteranodon
2025-09-07 · Hexastrike Cybersecurity · Maurice Fielenbach
ValleyRAT Exploiting BYOVD to Kill Endpoint Security
ValleyRAT
2025-09-05 · Arctic Wolf · Dmitry Kupin, Dmitry Melikov, Jacob Faires, Jon Grimm, Pavel Usatenko
GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe
2025-09-05 · Kroll · Dave Truman, Marc Messer
FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook
GONEPOSTAL
2025-09-04 · SentinelOne · Aleksandar Milenkoski, Kenneth Kinion, Sreekar Madabushi
Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms
ContagiousDrop
2025-09-04 · Recorded Future · Insikt Group
From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure
CastleRAT
2025-09-04 · The Register · Iain Thomson
US puts $10M bounty on three Russians accused of attacking critical infrastructure
2025-09-04 · eSentire · eSentire Threat Response Unit (TRU)
New Botnet Emerges from the Shadows: NightshadeC2
NightshadeC2 NightshadeC2
2025-09-04 · Twitter (@Laughing_Mantis) · Greg Linares
Tweet on similarity between GONEPOSTAL/NotDoor and Cordyceps
GONEPOSTAL
2025-09-04 · Seqrite · Subhajeet Singha
Operation BarrelFire: NoisyBear targets entities linked to Kazakhstan’s Oil & Gas Sector.
Meterpreter
2025-09-03 · Lab52 · Lab52
Analyzing NotDoor: Inside APT28’s Expanding Arsenal
GONEPOSTAL
2025-09-03 · Reverse The Malware · Diyar Saadi
Dropper and Downloader: What is the difference?
2025-09-02 · At-Bay · Aaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida
2025-09-02 · Hunt.io · Hunt.io
From Panel to Payload: Inside the TinyLoader Malware Operation
XTinyLoader