Malpedia Library

Click here to download all references as Bib-File.•

2025-06-05 ⋅ Hunt.io ⋅ Hunt.io
Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
AsyncRAT XWorm

2025-06-05 ⋅ FBI ⋅ FBI
Alert Number: I-060525-PSA - Home Internet Connected Devices Facilitate Criminal Activity
BADBOX

2025-06-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Dmytro Korzhevin, Jacob Finn
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
PathWiper

2025-06-05 ⋅ Mobile-Hacker ⋅ mh
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
SpyMax

2025-06-04 ⋅ Threatray ⋅ Abdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two
AlmondRAT AlmondRAT Artra Downloader BDarkRAT Havoc KiwiStealer KugelBlitz MiyaRAT ORPCBackdoor WmRAT ZxxZ

2025-06-04 ⋅ Proofpoint ⋅ Abdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One
Artra Downloader Havoc

2025-06-03 ⋅ ThreatFabric ⋅ ThreatFabric
Crocodilus Mobile Malware: Evolving Fast, Going Global
Crocodilus

2025-05-28 ⋅ Medium (@mvaks) ⋅ mvaks
Bombardino Crocodilo in Poland — analysis of IKO Lokaty mobile malware campaign
Crocodilus

2025-05-28 ⋅ Rapid7 ⋅ Anna Širokova, Ivan Feigl
NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign
Winos

2025-05-28 ⋅ EclecticIQ ⋅ Alon Gal, Arda Büyükkaya
Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict
WmRAT

2025-05-28 ⋅ Google ⋅ Patrick Whitsell
Mark Your Calendar: APT41 Innovative Tactics
TOUGHPROGRESS

2025-05-28 ⋅ Trustwave ⋅ Cris Tomboc, King Orande
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations

2025-05-27 ⋅ DomainTools ⋅ DomainTools
Inside a VenomRAT Malware Campaign
Venom RAT

2025-05-27 ⋅ DCSO ⋅ Bennet Conrads, Denis Szadkowski, Johann Aydinbas, Moaath Oudeh
SafePay: The new kid on the block
SafePay

2025-05-27 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Void Blizzard

2025-05-27 ⋅ AIVD ⋅ AIVD
AIVD and MIVD identify new Russian cyber threat actor

2025-05-26 ⋅ Yonhap News Agency ⋅ Kim Boram
Investigation into SK Telecom data breach expands to KT, LG Uplus: sources
BPFDoor

2025-05-22 ⋅ Elastic ⋅ Daniel Stepanic
De-obfuscating ALCATRAZ
DOUBLELOADER Rhadamanthys

2025-05-22 ⋅ Recorded Future ⋅ Insikt Group
Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Templates
CHERRYSPY HATVIBE

2025-05-22 ⋅ Sekoia ⋅ Félix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.