Malpedia Library

Click here to download all references as Bib-File.•

2026-03-03 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
APTIran

2026-03-03 ⋅ Microsoft ⋅ Microsoft
Signed malware impersonating workplace apps deploys RMM backdoors
TrustConnect RAT

2026-02-28 ⋅ Github (cocomelonc) ⋅ cocomelonc
MacOS malware persistence 4: AutoLaunched Applications, Background Task Management (BTM). Simple C example

2026-02-26 ⋅ Gdata ⋅ John Dador, Karsten Hahn
HijackLoader: Free Games, Costly Consequences
HijackLoader

2026-02-25 ⋅ Cisco Talos ⋅ Cisco Talos
Active exploitation of Cisco Catalyst SD-WAN by UAT-8616
UAT-8616

2026-02-25 ⋅ Google ⋅ 0verfl0w_, Anton Chuvakin, Bob Mechler, Crystal Lister, Eduardo Mattos, Google, Jason Bisson, Joachim Metz, John Stone, Jorge Blanco, Keith Lunden, Lia Wertheimer, Matthew Siuda, Michael Robinson, Muhammad Muneer, Noah McDonald, Ollie Green, Seth Rosenblatt
Cloud Threat Horizons Report: H1 2026
UNC6426

2026-02-25 ⋅ Hive Pro ⋅ Hive Pro
SANDWORM_MODE: npm Supply Chain Attack Targeting AI Development Tools

2026-02-25 ⋅ Abstract Security ⋅ Abstract Security Threat Research Organization (ASTRO)
Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains - Part 1
BeaverTail PylangGhost GolangGhost

2026-02-25 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, ANY.RUN
Tweet about KarstoRAT
KarstoRAT

2026-02-23 ⋅ ⋅ DisInfo ⋅ DisInfo
Technical attack, public discredit and isolation! The history of an IT company in Moldova, pushed outside the European market

2026-02-22 ⋅ kmsec ⋅ Kieran Miyamoto
Tracking DPRK operator IPs over time

2026-02-18 ⋅ Recorded Future ⋅ Insikt Group
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
SmartApeSG NetSupportManager RAT SectopRAT GrayCharlie

2026-02-17 ⋅ Google ⋅ Daniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201

2026-02-17 ⋅ ⋅ CERT.PL ⋅ CERT.PL
ClickFix in action: how a fake captcha can encrypt an entire company
Latrodectus Supper

2026-02-13 ⋅ kmsec ⋅ Kieran Miyamoto
VMWare artifacts left by a FAMOUS CHOLLIMA operator

2026-02-12 ⋅ Botcrawl ⋅ Sean Doyle
Nippon Medical School Musashi Kosugi Hospital Data Breach Claimed by NetRunnerPR
NetRunnerPR

2026-02-11 ⋅ Intel 471 ⋅ Intel 471
Winter Olympics 2026: Hacktivism Surges Ahead of Protests and Suspected Sabotage
Z-Pentest Alliance

2026-02-10 ⋅ Cisco Talos ⋅ Aaron Boyd, Asheer Malhotra, Nick Biasini, Vitor Ventura
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
VoidLink UAT-9921

2026-02-05 ⋅ Github (cocomelonc) ⋅ cocomelonc
MacOS malware persistence 3: Dylib hijacking (VLC). Simple C example

2026-02-05 ⋅ Bleeping Computer ⋅ Bill Toulas
Italian university La Sapienza goes offline after cyberattack
Rorschach Ransomware Femwar02