Malpedia Library

Click here to download all references as Bib-File.•

2025-09-30 ⋅ Bloomberg ⋅ Emily Forgash
China Hackers Breached Foreign Ministers' Emails, Palo Alto Says

2025-09-30 ⋅ Google ⋅ Aswad Robinson, Bhavesh Dhake, Laith Al, Matthew McWhirt, Michael Rudden, Omar ElAhdan
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations

2025-09-30 ⋅ Synthient ⋅ Synthient
GhostSocks: From Initial Access to Residential Proxy
GhostSocks Lumma Stealer

2025-09-26 ⋅ BlackPoint ⋅ Nevan Beal, Sam Decker
Malicious Teams Installers Drop Oyster Malware
Broomstick

2025-09-25 ⋅ Trend Micro ⋅ Jacob Santos, Sarah Pearl Camiling
New LockBit 5.0 Targets Windows, Linux, ESXi
LockBit LockBit

2025-09-25 ⋅ Koi Security ⋅ Idan Dardikman
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails

2025-09-24 ⋅ Google ⋅ Ashley Pearson, Austin Larsen, BRAD SLAYBAUGH, Doug Bienstock, Geoff Carstairs, John Wolfram, Josh Madeley, Josh Murchie, Matt Lin, Sarah Yoder
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
BRICKSTORM

2025-09-24 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike
Cobalt Strike Leslieloader Pantegana SparkRAT Storm-2077

2025-09-23 ⋅ Bleeping Computer ⋅ Bill Toulas
Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack
Aisuru

2025-09-23 ⋅ Zscaler ⋅ Zscaler
YiBackdoor: A New Malware Family With Links to IcedID and Latrodectus
YiBackdoor

2025-09-19 ⋅ BlackPoint ⋅ Caden Toellner, Nevan Beal, Sam Decker
KeyZero: A Custom PowerShell RAT

2025-09-19 ⋅ zensec ⋅ zensec
Unmasking Akira: The ransomware tactics you can’t afford to ignore
Akira Akira

2025-09-18 ⋅ Hunt.io ⋅ Hunt.io
Tracking AsyncRAT via Trojanized ScreenConnect and Open Directories
AsyncRAT

2025-09-18 ⋅ Lumen ⋅ Black Lotus Labs
SystemBC – Bringing the Noise
SystemBC SystemBC

2025-09-17 ⋅ Bitdefender ⋅ Bogdan Zavadovschi
EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company

2025-09-17 ⋅ Morado ⋅ Jayden Palacios
GLOBAL Ransomware - New Tactics Revealed
Global

2025-09-16 ⋅ Wiz.io ⋅ Barak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud

2025-09-15 ⋅ DeXpose ⋅ M4lcode
Threat Actor Profile: APT27

2025-09-15 ⋅ Qianxin ⋅ Acey9, Alex.Turing, Wang Hao
The Most Powerful Ever? Inside the 11.5Tbps-Scale Mega Botnet AISURU
Aisuru

2025-09-14 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 28. CertPropSvc registry hijack. Simple C/C++ example