Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-07The RecordDaryna Antoniuk
Flaw in ESET security software used to spread malware from ToddyCat group
2025-04-07ANY.RUNANY.RUN
ValleyRAT
ValleyRAT
2025-04-06Cert-UACert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226
2025-04-06GridinsoftGridinsoft Cyber Security
How to Remove Lilith RAT: Complete Removal Guide
Lilith puNK-003
2025-04-04Youtube (greenplan)greenplan
[BINARY REFINERY] (StegoCampaign) - Deobfuscation of a VBScript stage (PART 2)
2025-04-04US District Court Middle District of FloridaUS District Court Middle District of Florida
United States of America v. Noah Michael Urban
2025-04-03SOC PrimeVeronika Telychko
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
WRECKSTEEL UAC-0219
2025-04-03MicrosoftMicrosoft Threat Intelligence
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249
2025-04-03MandiantJacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE
2025-04-03ThreatMonAziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report
2025-04-02BushidoTokenBushidoToken
Tracking Adversaries: EvilCorp, the RansomHub affiliate
RansomHub
2025-04-02Intel 471Intel 471
An in-depth look at Black Basta's TTPs
Black Basta Black Basta
2025-04-01Hunt.ioHunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid
2025-04-01ANY.RUNAdhikara
Salvador Stealer: New Android Malware That Phishes Banking Details & OTPs
Salvador Stealer
2025-04-01ZW01fMohamed Ezat
Auto-color - Linux backdoor
Auto-Color
2025-03-31SeqriteMahua Chakrabarthy, Sanjay Katkar
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs
Cobalt Strike HollowQuill
2025-03-31Trend MicroLenart Bermejo, Ted Lee, Theo Chen
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
Godzilla Webshell Cobalt Strike RAILSETTER Earth Alux
2025-03-28Trend MicroAhmed Mohamed Ibrahim, Aliakbar Zahravi
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
DarkWisp SilentPrism Kematian Stealer Rhadamanthys Stealc Water Gamayun
2025-03-28cybleCyble
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications
TsarBot
2025-03-28ThreatFabricThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus