Malpedia Library

2025-04-29 ⋅ paloalto Netoworks: Unit42 ⋅ Benjamin Chang, Pranay Kumar Chhaparwal
Gremlin Stealer: New Stealer on Sale in Underground Forum
Gremlin

2025-04-29 ⋅ Nextron Systems ⋅ Maurice Fielenbach
Nitrogen Dropping Cobalt Strike – A Combination of “Chemical Elements”
Cobalt Strike Nitrogen Loader

2025-04-29 ⋅ CERT-FR ⋅ CERT-FR
Targeting and Compromise of French Entities Using the APT28 Intrusion Set
STEELHOOK MASEPIE Mocky LNK OCEANMAP

2025-04-29 ⋅ ⋅ France Diplomatie ⋅ France Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)

2025-04-29 ⋅ Trustwave ⋅ Trustwave SpiderLabs
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge
KongTuke

2025-04-29 ⋅ Recorded Future ⋅ Insikt Group
Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting
FAKEUPDATES MintsLoader GhostWeaver Stealc TAG-124

2025-04-29 ⋅ LinkedIn (Ethical Hackers Academy) ⋅ Ethical Hackers Academy
RansomHub Ransomware Deploys Malware to Breach Corporate Networks
FAKEUPDATES RansomHub

2025-04-28 ⋅ Github (Censys Research) ⋅ Github (Censys-Research)
Public Github Archive of Scout C2
ScoutC2

2025-04-28 ⋅ Censys ⋅ The Censys Research Team
Scouting a Threat Actor

2025-04-28 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Jim Walter, Tom Hegel
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
PurpleHaze

2025-04-28 ⋅ Infoblox ⋅ Darby Wise, Laura da Rocha, Piotr Glaska
Uncovering Actor TTP Patterns and the Role of DNS in Investment Scams
Reckless Rabbit Ruthless Rabbit

2025-04-28 ⋅ Netresec ⋅ Erik Hjelmvik
Decoding njRAT traffic with NetworkMiner
NjRAT

2025-04-27 ⋅ SentinelOne ⋅ Phil Stokes
Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on Telegram
AMOS

2025-04-25 ⋅ HiSolutions ⋅ Maik Würth, Mateo Mrvelj, Nicolas Sprenger
Rolling in the Deep(Web): Lazarus Tsunami
InvisibleFerret tsunami TsunamiKit

2025-04-25 ⋅ Trend Micro ⋅ Nick Dai, Sunny Lu
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
KRNRAT Moriya Earth Kurma

2025-04-25 ⋅ Censys ⋅ Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL

2025-04-25 ⋅ Twitter (@teamcymru_S2) ⋅ TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure

2025-04-24 ⋅ Kaspersky ⋅ Sojun Ryu, Vasily Berdnikov
Operation SyncHole: Lazarus APT goes back to the well
Bankshot DRATzarus PostNapTea wAgentTea

2025-04-24 ⋅ Mandiant ⋅ Mandiant
M-Trends 2025 Report
Akira Black Basta LockBit SystemBC GootLoader LockBit WIREFIRE Akira Black Basta Cobalt Strike LockBit RansomHub SystemBC Pink Sandstorm

2025-04-24 ⋅ Positive Technologies ⋅ PT Expert Security Center
Crypters And Tools. Part 2: Different Paws — Same Tangle