Malpedia Library

Click here to download all references as Bib-File.•

2025-12-24 ⋅ Cloudsek ⋅ Koushik Pal, somedieyoungZZ
Silver Fox Targeting India Using Tax Themed Phishing Lures
ValleyRAT Winos

2025-12-23 ⋅ secpod ⋅ Santosh Sethuraman
Zero-Day Crisis: CVE-2025-20393 Unpatched on Cisco Email Gateways, Exploited by China-Linked Hackers
UAT-9686

2025-12-22 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski
Operational Analysis of Communication Channels in Mobile RCS
SpyFRPTunnel

2025-12-21 ⋅ Genians ⋅ Genians
Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks
RokRAT

2025-12-19 ⋅ Botbrawl ⋅ Sean Doyle
Chinese APT LongNosedGoblin Targets Government Networks in Southeast Asia and Japan
NosyDownloader LongNosedGoblin

2025-12-19 ⋅ Intezer ⋅ Nicole Fishbein
Tracing a Paper Werewolf campaign through AI-generated decoys and Excel XLLs
EchoGather

2025-12-19 ⋅ cyble ⋅ Cyble
Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns
DCRat Katz Stealer PhantomVAI PureLogs Stealer Remcos XWorm

2025-12-18 ⋅ Huntress Labs ⋅ Austin Worline, Lindsey O'Donnell-Welch
A Series of Unfortunate (RMM) Events

2025-12-18 ⋅ Acronis ⋅ Acronis Security
Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns
BADCALL POOLRAT Quasar RAT

2025-12-18 ⋅ Gen Digital Inc ⋅ Vojtěch Krejsa
Gen Blogs | Defeating AuraStealer: Practical Deobfuscation Workflows for Modern Infostealers
Aura Stealer

2025-12-18 ⋅ safebreach ⋅ Tomer Bar
Prince of Persia: A decade of Iranian Nation State APT Campaign Activity
Infy Tonnerre

2025-12-18 ⋅ ESET Research ⋅ Anton Cherepanov, Peter Strýček
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
NosyDownloader

2025-12-18 ⋅ Cyderes ⋅ Rahul Ramesh
From Loader to Looter: ACR Stealer Rides on Upgraded CountLoader
ACR Stealer CountLoader

2025-12-18 ⋅ BlackPoint ⋅ Nevan Beal, Sam Decker
New MintsLoader Variant Using Hashtable Obfuscation
MintsLoader

2025-12-17 ⋅ Recorded Future ⋅ Insikt Group
PurpleBravo’s Targeting of the IT Software Supply Chain
BeaverTail InvisibleFerret PylangGhost GolangGhost

2025-12-17 ⋅ Cisco Talos ⋅ Cisco Talos
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
UAT-9686

2025-12-17 ⋅ Crystal Intelligence ⋅ Crystal Intelligence
How we proved North Korea’s blockchain malware campaign
JADESNOW

2025-12-17 ⋅ XLab ⋅ Acey9, Alex.Turing, RootKiter, Wang Hao
Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices
Kimwolf Aisuru

2025-12-17 ⋅ Recorded Future ⋅ Insikt Group
BlueDelta’s Persistent Campaign Against UKR.NET

2025-12-16 ⋅ Zscaler ⋅ Gaetano Pellegrino
BlindEagle Targets Colombian Government Agency with Caminho and DCRAT
DCRat PhantomVAI