2026-04-13 · khr0x
Tweet about HanGhost
HanGhost
2026-04-13 · Twitter (@anyrun_app) · Achmad Adhikara, khr0x
Tweet about HanGhost
2026-04-13 · Dataminr · Tim Miller
Cyber Intel Brief: Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA)
Ababil of Minab
2026-04-13 · Cleafy · Cleafy
Mirax: a new Android RAT turning infected devices into potential residential proxy nodes
Mirax
2026-04-12 · cocomelonc · cocomelonc
Mobile malware development trick 3. CPU info logger: anti-VM and anti-sandbox. Simple Android (Kotlin) example.
2026-04-11 · Breakglass Intelligence · Breakglass Intelligence
We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger
RandomQuery RandomQuery
2026-04-10 · Infoblox · Chong Lua Dao, Infoblox Threat Intel
Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers
2026-04-09 · F6 · F6
Eastern Signature: Investigating a Cyberattack by an Asian Threat Group
ShadowPad
2026-04-08 · Lookout · Alemdar Islamoglu, Justin Albrecht
Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT
ProSpy
2026-04-08 · Black Lotus Labs · Danny Adamitis, Ryan English
FrostArmada: All thriller, no (malware) filler
2026-04-07 · Talos Intelligence · Ashley Shen
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
LucidKnight LucidPawn LucidRook UAT-10362
2026-04-07 · RedPacket Security · RedPacket Security
[KRYBIT] – Ransomware Victim: fraper[.]com
Krybit
2026-04-07 · Microsoft · Microsoft Threat Intelligence
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
2026-04-07 · IC3 · CISA, CNMF, Department of Energy (DOE), EPA, FBI, NSA
AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
2026-04-07 · NCSC UK · NCSC UK
APT28 exploit routers to enable DNS hijacking operations
2026-04-07 · Gen Digital · Jan Rubín, Vojtěch Krejsa
Remus: Unmasking The 64-bit Variant of the Infamous Lumma Stealer
Lumma Stealer Remus Tenzor
2026-04-06 · PICUS Security · Umut Bayram
How NoName057(16) Uses DDoSia to Attack NATO Targets
Z-Pentest Alliance
2026-04-05 · 0x3oBAD · Abdullah Islam
Deep Technical Analysis Of Payload Ransomware Targeting ESXi Environment
Payload
2026-04-03 · Panther · Michael Baker
jsonspack: Multi-Tenant Node.js RAT — DPRK Supply Chain Campaign
OtterCookie
2026-04-03 · Trend Micro · Jacob Santos, Jeffrey Francis Bonaobra, Sophia Nilette Robles
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
GhostSocks Vidar