Malpedia Library

Click here to download all references as Bib-File.•

2025-05-22 ⋅ Elastic ⋅ Daniel Stepanic
De-obfuscating ALCATRAZ
DOUBLELOADER Rhadamanthys

2025-05-22 ⋅ Recorded Future ⋅ Insikt Group
Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Templates
CHERRYSPY HATVIBE

2025-05-22 ⋅ Sekoia ⋅ Félix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.
ViciousTrap

2025-05-22 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Tetra Loader UAT-6382

2025-05-22 ⋅ Flashpoint ⋅ Flashpoint
Operation Endgame: Global Law Enforcement Takes Down DanaBot Malware Scheme
DanaBot

2025-05-21 ⋅ Trendmicro ⋅ Junestherry Dela Cruz
TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead
Stealc Vidar

2025-05-21 ⋅ Datadog ⋅ Andy Giron, Eslam Salem, Ian Kretz, Tesnim Hamdouni
The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions
Unidentified 122 (Stealer)

2025-05-21 ⋅ Bleeping Computer ⋅ Bill Toulas
Russia to enforce location tracking app on all foreigners in Moscow

2025-05-20 ⋅ ⋅ Kaspersky ⋅ AMR
Pure harm: PureRAT attacks Russian organizations
PureRAT

2025-05-20 ⋅ Luigi Martire, Pierluigi Paganini
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
Sarcoma

2025-05-20 ⋅ European Council ⋅ Council of the European Union
Russian hybrid threats: EU lists further 21 individuals and 6 entities and introduces sectoral measures in response to destabilising activities against the EU, its member states and international partners

2025-05-20 ⋅ Acronis ⋅ Jozsef Gegeny, Prakas Thevendaran, Santiago Pontiroli
From banks to battalions: SideWinder’s attacks on South Asia’s public sector

2025-05-16 ⋅ Hive Pro ⋅ Hive Pro
TransferLoader: The Malware That Outsmarts Security
TransferLoader

2025-05-16 ⋅ AhnLab ⋅ ASEC
DBatLoader (ModiLoader) Being Distributed to Turkish Users
DBatLoader

2025-05-16 ⋅ Gdata ⋅ Karsten Hahn
Printer company provided infected software downloads for half a year
SnipVex

2025-05-15 ⋅ DTEX ⋅ DTEX
Exposing DPRK's Cyber Syndicate and Hidden IT Workforce

2025-05-15 ⋅ ⋅ EST Security ⋅ Alyac
Beware of Backdoor Malware being Distributed by Exploiting Legitimate Certificates!
NikiHTTP

2025-05-15 ⋅ ESET Research ⋅ Matthieu Faou
Operation RoundPress
SpyPress

2025-05-14 ⋅ Zscaler ⋅ ThreatLabZ research team
Technical Analysis of TransferLoader
Morpheus TransferLoader

2025-05-14 ⋅ ⋅ Ministère des Armées ⋅ Ministère des Armées
Storm-1516 or the underside of a Russian influence operation
Storm-1516