Malpedia Library

Click here to download all references as Bib-File.•

2025-04-07 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
GIFTEDCROOK UAC-0219 UAC-0226

2025-04-07 ⋅ The Record ⋅ Daryna Antoniuk
Flaw in ESET security software used to spread malware from ToddyCat group

2025-04-07 ⋅ ANY.RUN ⋅ ANY.RUN
ValleyRAT
ValleyRAT

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

2025-04-06 ⋅ Gridinsoft ⋅ Gridinsoft Cyber Security
How to Remove Lilith RAT: Complete Removal Guide
Lilith puNK-003

2025-04-05 ⋅ The Record ⋅ James Reddick
Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges

2025-04-04 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (StegoCampaign) - Deobfuscation of a VBScript stage (PART 2)

2025-04-04 ⋅ The Hacker News ⋅ Ravie Lakshmanan
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
Rugmi

2025-04-04 ⋅ US District Court Middle District of Florida ⋅ US District Court Middle District of Florida
United States of America v. Noah Michael Urban

2025-04-04 ⋅ Socket ⋅ Socket
Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads
BeaverTail InvisibleFerret

2025-04-03 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
WRECKSTEEL UAC-0219

2025-04-03 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Brute Ratel C4 CloudEyE Latrodectus Remcos Storm-0249

2025-04-03 ⋅ Mandiant ⋅ Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
SPAWNSNARE

2025-04-03 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report

2025-04-02 ⋅ ASEC ⋅ ASEC
BeaverTail and Tropidoor Malware Distributed via Recruitment Emails
BeaverTail

2025-04-02 ⋅ ANALYST1 ⋅ analyst1
Inside BlackBasta: Actor Profiles, Extortion Tactics & Finances
Black Basta Black Basta

2025-04-02 ⋅ BushidoToken ⋅ BushidoToken
Tracking Adversaries: EvilCorp, the RansomHub affiliate
RansomHub

2025-04-02 ⋅ Intel 471 ⋅ Intel 471
An in-depth look at Black Basta's TTPs
Black Basta Black Basta

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-04-01 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL (CERT-UA#14283)
WRECKSTEEL UAC-0219 UAC-0226