Malpedia Library

Click here to download all references as Bib-File.•

2025-06-20 ⋅ Validin ⋅ Kenneth Kinion
Zooming through BlueNoroff Indicators with Validin

2025-06-20 ⋅ Twitter (@threatintel) ⋅ Threat Intelligence
Tweet about wiper deployed against Albania by Druidfly

2025-06-20 ⋅ Github (VenzoV) ⋅ VenzoV
Analysis of Amatera Stealer v1 (Test build)
Amatera

2025-06-19 ⋅ Recorded Future ⋅ Insikt Group
DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal
DRAT TAG-140

2025-06-19 ⋅ Hunt.io ⋅ Hunt.io
Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
Cobalt Strike

2025-06-19 ⋅ Government of Canada ⋅ Government of Canada
Cyber threat bulletin: People's Republic of China cyber threat activity: PRC cyber actors target telecommunications companies as part of a global cyberespionage campaign

2025-06-19 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 2: classic injection trick into macOS applications. Simple C example

2025-06-18 ⋅ Red Canary ⋅ Red Canary
Mocha Manakin delivers custom NodeJS backdoor via paste and run
Mocha Manakin

2025-06-18 ⋅ Google ⋅ Gabby Roncone, Wesley Shields
What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
UNC6293

2025-06-18 ⋅ Securonix ⋅ Tim Peck
Analyzing SERPENTINE#CLOUD: Threat Actors Abuse Cloudflare Tunnels to Infect Systems with Stealthy Python-Based Malware

2025-06-18 ⋅ Seqrite ⋅ Prashil Moon
Masslogger Fileless Variant – Spreads via .VBE, Hides in Registry
MASS Logger

2025-06-18 ⋅ Cisco Talos ⋅ Vanja Svajcer
Famous Chollima deploying Python version of GolangGhost RAT
GolangGhost PylangGhost GolangGhost

2025-06-18 ⋅ Check Point Research ⋅ Antonis Terefos, Jaromír Hořejší
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data

2025-06-18 ⋅ Elastic ⋅ Salim Bitam
A Wretch Client: From ClickFix deception to information stealer deployment
HijackLoader Lumma Stealer SectopRAT

2025-06-18 ⋅ Huntress Labs ⋅ Alden Schmidt, Jonathan Semon, Stuart Ashenbrenner
Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion

2025-06-18 ⋅ PRODAFT ⋅ PRODAFT
AntiDot
Antidot

2025-06-17 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi, Shubham Singh, Sunil Bharti
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Flodrix

2025-06-17 ⋅ Palo Alto Networks Unit 42 ⋅ Dominik Reichel
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
KimJongRat

2025-06-17 ⋅ DARKReading ⋅ James Shank
Operation Endgame: Do Takedowns and Arrests Matter?
BumbleBee Emotet Pikabot SmokeLoader TrickBot

2025-06-16 ⋅ Glueck Kanja ⋅ Pascal Asch
Inside Akira Stealer: A full technical analysis of a modular stealer
Akira Stealer