Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-30Google Cloud CommunityPraveeth DSouza
Finding Malware: Unveiling LUMMAC.V2 with Google Security Operations
Lumma Stealer
2025-04-29Nextron SystemsMaurice Fielenbach
Nitrogen Dropping Cobalt Strike – A Combination of “Chemical Elements”
Cobalt Strike Nitrogen Loader
2025-04-29France DiplomatieFrance Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)
2025-04-29TrustwaveTrustwave SpiderLabs
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge
KongTuke
2025-04-29LinkedIn (Ethical Hackers Academy)Ethical Hackers Academy
RansomHub Ransomware Deploys Malware to Breach Corporate Networks
FAKEUPDATES RansomHub
2025-04-28CensysThe Censys Research Team
Scouting a Threat Actor
2025-04-28InfobloxDarby Wise, Laura da Rocha, Piotr Glaska
Uncovering Actor TTP Patterns and the Role of DNS in Investment Scams
Reckless Rabbit Ruthless Rabbit
2025-04-25CensysCensys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL
2025-04-240xreverseUtku Çorbacı
Understanding Alcatraz ~ Obfuscator Analysis [EN]
2025-04-23Cisco TalosAsheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-23Trend MicroFeike Hacquebord, Stephen Hilt
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
BeaverTail FrostyFerret GolangGhost InvisibleFerret GolangGhost WageMole
2025-04-22Kaspersky LabsAlexander Demidov, Georgy Kucherin, Igor Kuznetsov
Russian organizations targeted by backdoor masquerading as secure networking software updates
2025-04-22VolexityCharlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-04-21Twitter (@browsercookies)Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.
2025-04-17Trail of BitsTrail of Bits
Mitigating ELUSIVE COMET Zoom remote control attacks
ELUSIVE COMET
2025-04-17ProofpointGreg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue
2025-04-17FORTRAMax Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service
2025-04-16TechCrunchZack Whittaker
Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
2025-04-16SpyCloudAurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta
2025-04-15Orange CyberdefenseAndré Henschel, Friedl Holzner
CyberSOC Insights: Analysis of a Black Basta Attack Campaign
Black Basta DarkGate Lumma Stealer