Malpedia Library

Click here to download all references as Bib-File.•

2025-08-27 ⋅ Defentive ⋅ Defentive Threat Research
Anatomy of a Real Phishing Attack: How Defentive Detected and Stopped It in Action

2025-08-26 ⋅ Recorded Future ⋅ Insikt Group
TAG-144’s Persistent Grip on South American Organizations
AsyncRAT BitRAT DCRat LimeRAT NjRAT PureCrypter Quasar RAT Remcos

2025-08-26 ⋅ Google ⋅ Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395

2025-08-26 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Velociraptor incident response tool abused for remote access

2025-08-26 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet about PromptLock discovery
PromptLock

2025-08-25 ⋅ zimperium ⋅ Vishnu Pratapagiri
Hook Version 3: The Banking Trojan with The Most Advanced Capabilities
Hook

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
STATICPLUGIN

2025-08-24 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 10: shellcode injection via task_for_pid - create remote thread. Simple C (Intel) example

2025-08-23 ⋅ LevelBlue ⋅ Jeff Kieschnick
Like PuTTY in Admin’s Hands
Broomstick

2025-08-22 ⋅ K7 Security ⋅ Harihara Sudhan
Examining the tactics of BQTLOCK Ransomware & its variants
BQTlock

2025-08-21 ⋅ Zscaler ⋅ Himanshu Sharma
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Anatsa

2025-08-21 ⋅ GBHackers on Security ⋅ Aman Mishra
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
TamperedChef

2025-08-21 ⋅ Trellix ⋅ Sagar Bade
The Silent, Fileless Threat of VShell
Vshell

2025-08-21 ⋅ Swiss Post Cybersecurity ⋅ Louis Schürmann
The ClickFix Deception: How a Fake CAPTCHA Deploys an Evasive Infostealer
donut_injector

2025-08-21 ⋅ CrowdStrike ⋅ Counter Adversary Operations
MURKY PANDA: A Trusted-Relationship Threat in the Cloud

2025-08-20 ⋅ Kroll ⋅ Marc Messer, Otavio Passos, Ryan Hicks
XWORM Returns to Haunt Systems with Ghost Crypt
XWorm

2025-08-20 ⋅ HarfangLab ⋅ HarfangLab CTR
UAC-0057 keeps applying pressure on Ukraine and Poland
PicassoLoader

2025-08-19 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 9: shellcode injection via task_for_pid - thread hijacking. Simple C (Intel) example

2025-08-19 ⋅ The Wall Street Journal ⋅ Robert McMillan
Oregon Man Accused of Operating One of Most Powerful Attack ‘Botnets’ Ever Seen
RapperBot

2025-08-19 ⋅ IBM X-Force ⋅ Raymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader