Malpedia Library

Click here to download all references as Bib-File.•

2025-04-21 ⋅ Twitter (@browsercookies) ⋅ Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.

2025-04-17 ⋅ Trail of Bits ⋅ Trail of Bits
Mitigating ELUSIVE COMET Zoom remote control attacks
ELUSIVE COMET

2025-04-17 ⋅ Proofpoint ⋅ Greg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT UNK_RemoteRogue

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ TechCrunch ⋅ Zack Whittaker
Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS

2025-04-16 ⋅ SpyCloud ⋅ Aurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta

2025-04-15 ⋅ ⋅ Orange Cyberdefense ⋅ André Henschel, Friedl Holzner
CyberSOC Insights: Analysis of a Black Basta Attack Campaign
Black Basta DarkGate Lumma Stealer

2025-04-15 ⋅ SecurityWeek ⋅ The Associated Press
China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games

2025-04-12 ⋅ CyberSecurity88 ⋅ CyberSecurity88
Algeria’s Ministry of Pharmaceutical Industry Data Leaked in Retaliatory Cyberattack
MORH4x

2025-04-11 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Threat Spotlight: Hijacked and Hidden: New Backdoor and Persistence Technique

2025-04-10 ⋅ Kaspersky Labs ⋅ Oleg Kupreev
GOFFEE continues to attack organizations in Russia
Owowa GOFFEE

2025-04-10 ⋅ Medium TRAC Labs ⋅ TRAC Labs
Autopsy of a Failed Stealer: StealC v2
Stealc

2025-04-09 ⋅ Resecurity ⋅ Resecurity
Cybercriminals Attacked National Social Security Fund of Morocco - Millions of Digital Identities at Risk of Data Breach
Jabaroot

2025-04-09 ⋅ NCSC UK ⋅ ASD, BND, Bundesamt für Verfassungsschutz, Canadian Centre for Cyber Security (CCCS), FBI, NCSC UK, New Zealand National Cyber Security Centre (NZ NCSC), NSA
Advisory: BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors
badbazaar

2025-04-08 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Exploitation of CLFS zero-day leads to ransomware activity
RansomEXX Storm-2460

2025-04-08 ⋅ Trustwave ⋅ Nikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta

2025-04-08 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks
CurlBack RAT XenoRAT

2025-04-08 ⋅ Hunt.io ⋅ Hunt.io
State-Sponsored Tactics: How Gamaredon and ShadowPad Operate and Rotate Their Infrastructure
ShadowPad

2025-04-07 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer
GIFTEDCROOK UAC-0226

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226