Malpedia Library

Click here to download all references as Bib-File.•

2025-08-19 ⋅ Red Canary ⋅ Chris Brook, Christina Johns, Tyler Edmonds
Patching for persistence: How DripDropper Linux malware moves through the cloud

2025-08-18 ⋅ Trellix ⋅ Alex Lanstein, Pham Duy Phuc
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
XenoRAT

2025-08-18 ⋅ 0x0d4y ⋅ 0x0d4y
Veletrix Loader Infection: A Look from a Digital Forensic Perspective
VELETRIX

2025-08-18 ⋅ Medium RaghavtiResearch ⋅ BeGoodToAll
Qilin Ransomware-as-a-Service: Threat Analysis and Strategic Outlook
Qilin AgendaCrypt

2025-08-18 ⋅ Trellix ⋅ Ryan Weil
A Comprehensive Analysis of HijackLoader and Its Infection Chain
HijackLoader

2025-08-16 ⋅ t0ast's blog ⋅ t0ast
Warlock Group: We're only here for SharePoint and the Lamborghinis
WarLock

2025-08-15 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example.

2025-08-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill

2025-08-15 ⋅ Bleeping Computer ⋅ Bill Toulas
Colt Telecom attack claimed by WarLock ransomware, data up for sale
WarLock

2025-08-14 ⋅ Censys ⋅ Himaja Motheram
2025 State of the Internet: Digging into Residential Proxy Infrastructure
PolarEdge

2025-08-14 ⋅ Hunt.io ⋅ Hunt.io
Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak
ERMAC

2025-08-13 ⋅ Intezer ⋅ Nicole Fishbein
Threat Bulletin: Fire in the Woods – A New Variant of FireWood
FireWood

2025-08-13 ⋅ Gdata ⋅ Karsten Hahn
JustAskJacky: AI causes a Trojan Horse Comeback
TamperedChef

2025-08-12 ⋅ The New York Times ⋅ Adam Goldman, Glenn Thrush, Mattathias Schwartz
Russia Is Suspected to Be Behind Breach of Federal Court Filing System

2025-08-12 ⋅ bluecyber ⋅ Khắc Minh
Analysis of a ClickFix malware attack
Vidar

2025-08-12 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Jordyn Dunk
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
PS1Bot

2025-08-12 ⋅ Netresec ⋅ Erik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT

2025-08-11 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 49: abusing Azure DevOps REST API for covert data channels. Simple C examples.
AllaKore

2025-08-11 ⋅ nimanthadeshappriya.com ⋅ Nimantha Deshappriya
From Colombo to Pyongyang
BeaverTail BeaverTail Beavertail

2025-08-10 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 8: dlopen() code loading + finding target PIDs. Simple C (Intel, ARM) examples