Malpedia Library

Click here to download all references as Bib-File.•

2025-09-02 ⋅ At-Bay ⋅ Aaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida

2025-09-01 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 11: bind shell for ARM (M1). Simple Assembly (M1) and C (run shellcode) examples

2025-08-28 ⋅ Gdata ⋅ Karsten Hahn, Louis Sorita
AppSuite PDF Editor Backdoor: A Detailed Technical Analysis
TamperedChef

2025-08-28 ⋅ Aryaka Networks ⋅ bikash dash, varadharajan krishnasamy
Vidar Infostealer in Action From API Hooking to Covert Data Exfiltration
Vidar

2025-08-28 ⋅ Intrinsec ⋅ David Sardinha
VAIZ, FDN3, TK-NET: A nebula of Ukrainian networks engaged in brute force and password spraying attacks
Amadey

2025-08-27 ⋅ StepSecurity ⋅ Anish Kurmi
Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware
s1ngularity Stealer

2025-08-27 ⋅ US Department of Defense ⋅ CISA
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

2025-08-27 ⋅ Defentive ⋅ Defentive Threat Research
Anatomy of a Real Phishing Attack: How Defentive Detected and Stopped It in Action

2025-08-26 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Velociraptor incident response tool abused for remote access

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
STATICPLUGIN

2025-08-24 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 10: shellcode injection via task_for_pid - create remote thread. Simple C (Intel) example

2025-08-22 ⋅ K7 Security ⋅ Harihara Sudhan
Examining the tactics of BQTLOCK Ransomware & its variants
BQTlock

2025-08-21 ⋅ Zscaler ⋅ Himanshu Sharma
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Anatsa

2025-08-21 ⋅ GBHackers on Security ⋅ Aman Mishra
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
TamperedChef

2025-08-20 ⋅ HarfangLab ⋅ HarfangLab CTR
UAC-0057 keeps applying pressure on Ukraine and Poland
PicassoLoader

2025-08-19 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 9: shellcode injection via task_for_pid - thread hijacking. Simple C (Intel) example

2025-08-19 ⋅ The Wall Street Journal ⋅ Robert McMillan
Oregon Man Accused of Operating One of Most Powerful Attack ‘Botnets’ Ever Seen
RapperBot

2025-08-18 ⋅ Trellix ⋅ Ryan Weil
A Comprehensive Analysis of HijackLoader and Its Infection Chain
HijackLoader

2025-08-15 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example.

2025-08-15 ⋅ Bleeping Computer ⋅ Bill Toulas
Colt Telecom attack claimed by WarLock ransomware, data up for sale
WarLock