Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-02-25Twitter (@anyrun_app)Achmad Adhikara, ANY.RUN
Tweet about KarstoRAT
KarstoRAT
2026-02-24MicrosoftMicrosoft Defender Experts
Developer-targeting campaign using malicious Next.js repositories
StoatWaffle
2026-02-24BlueVoyantJoshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS
2026-02-24SymantecThreat Hunter Team
North Korean Lazarus Group Now Working With Medusa Ransomware
ComeBacker Medusa
2026-02-24abuse.chabuse.ch
MalwareBazaar | SHA256 63deffbdd4053a38c95221589cc2ddd0595d451808a79432fa9f5476c4542390 (WalkLoader)
WalkLoader
2026-02-23Twitter (@Manu_De_Lucia)Emanuele De Lucia
Tweet about IronZero
IronZero
2026-02-23DisInfoDisInfo
Technical attack, public discredit and isolation! The history of an IT company in Moldova, pushed outside the European market
2026-02-23abuse.chabuse.ch
MalwareBazaar | SHA256 be2db69fbde37ce4b0dbd51a85cb18f78a1bfda70ef2f4ed7dcde75051f3659b (RatonRAT)
RatonRAT
2026-02-22Securite360.netMuffin
OPSEC on a Budget: What BadAudio Reveals About APT24
BADAUDIO
2026-02-22kmsecKieran Miyamoto
Tracking DPRK operator IPs over time
2026-02-21kmsecKieran Miyamoto
DPRK tests Google Drive as a malware stager
2026-02-19ElasticElastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT
2026-02-19ProofpointProofpoint
(Don't) TrustConnect: It's a RAT in an RMM hat
TrustConnect RAT
2026-02-19GitLabOliver Smith
GitLab Threat Intelligence Team reveals North Korean tradecraft
BeaverTail OtterCookie Contagious Interview
2026-02-18Recorded FutureInsikt Group
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
SmartApeSG NetSupportManager RAT SectopRAT GrayCharlie
2026-02-17Hunt.ioHunt.io
Fake Homebrew Typosquats Used to Deliver Cuckoo Stealer via ClickFix
2026-02-17GoogleDaniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201
2026-02-17CERT.PLCERT.PL
ClickFix in action: how a fake captcha can encrypt an entire company
Latrodectus Supper
2026-02-17ANY.RUNANY.RUN
LATAM Businesses Hit by XWorm via Fake Financial Receipts: Full Campaign Analysis
XWorm
2026-02-16kmsecKieran Miyamoto
Exposed DPRK reference malware and logs