Malpedia Library

Click here to download all references as Bib-File.•

2025-12-30 ⋅ US Department of Justice ⋅ Office of Public Affairs
Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
BlackCat BlackCat

2025-12-30 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | MaskGramStealer
MaskGramStealer

2025-12-29 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
Active Spear-Phishing Campaign Targeting Israeli Security-Related Individuals — Infrastructure Linked to APT42 (Hashtag#CharmingKitten)

2025-12-28 ⋅ Twitter (@CharlieEriksen) ⋅ Charlie Eriksen
Tweet about sightings of a new Shai Hulud version
Shai-Hulud

2025-12-24 ⋅ Cloudsek ⋅ Koushik Pal, somedieyoungZZ
Silver Fox Targeting India Using Tax Themed Phishing Lures
ValleyRAT Winos

2025-12-23 ⋅ secpod ⋅ Santosh Sethuraman
Zero-Day Crisis: CVE-2025-20393 Unpatched on Cisco Email Gateways, Exploited by China-Linked Hackers
UAT-9686

2025-12-22 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski
Operational Analysis of Communication Channels in Mobile RCS
SpyFRPTunnel

2025-12-21 ⋅ Genians ⋅ Genians
Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks
RokRAT

2025-12-19 ⋅ Botbrawl ⋅ Sean Doyle
Chinese APT LongNosedGoblin Targets Government Networks in Southeast Asia and Japan
NosyDownloader LongNosedGoblin

2025-12-19 ⋅ cyble ⋅ Cyble
Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns
DCRat Katz Stealer PhantomVAI PureLogs Stealer Remcos XWorm

2025-12-18 ⋅ Acronis ⋅ Acronis Security
Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns
BADCALL POOLRAT Quasar RAT

2025-12-18 ⋅ Gen Digital Inc ⋅ Vojtěch Krejsa
Gen Blogs | Defeating AuraStealer: Practical Deobfuscation Workflows for Modern Infostealers
Aura Stealer

2025-12-18 ⋅ ESET Research ⋅ Anton Cherepanov, Peter Strýček
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
NosyDownloader

2025-12-18 ⋅ BlackPoint ⋅ Nevan Beal, Sam Decker
New MintsLoader Variant Using Hashtable Obfuscation
MintsLoader

2025-12-17 ⋅ Recorded Future ⋅ Insikt Group
PurpleBravo’s Targeting of the IT Software Supply Chain
BeaverTail InvisibleFerret PylangGhost GolangGhost

2025-12-17 ⋅ Crystal Intelligence ⋅ Crystal Intelligence
How we proved North Korea’s blockchain malware campaign
JADESNOW

2025-12-17 ⋅ XLab ⋅ Acey9, Alex.Turing, RootKiter, Wang Hao
Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices
Kimwolf Aisuru

2025-12-17 ⋅ Recorded Future ⋅ Insikt Group
BlueDelta’s Persistent Campaign Against UKR.NET

2025-12-16 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2
EtherRAT

2025-12-15 ⋅ Rapid7 ⋅ Milan Spinka
SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums
SantaStealer