Malpedia Library

Click here to download all references as Bib-File.•

2026-01-23 ⋅ ESET Research ⋅ ESET Research
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

2026-01-23 ⋅ Zero Day ⋅ Kim Zetter
Cyberattack Targeting Poland’s Energy Grid Used a Wiper

2026-01-23 ⋅ Bluesky (@esetresearch.bsky.social) ⋅ ESET Research
Post about DynoWiper activity

2026-01-23 ⋅ BlackPoint ⋅ Jack Patrick, Sam Decker
Novel Fake CAPTCHA Chain Delivering Amatera Stealer
ACR Stealer Amatera

2026-01-23 ⋅ Medium Ireneusz Tarnowski ⋅ Ireneusz Tarnowski
SpyNote: Comprehensive Analysis of an Android Remote Access Trojan
SpyNote

2026-01-20 ⋅ Jamf ⋅ Thijs Xhaflaire
Threat Actors Expand Abuse of Microsoft Visual Studio Code
StoatWaffle

2026-01-20 ⋅ ⋅ Rostelecom-Solar ⋅ Pandora Hive Mind
ShadowRelay – a unique backdoor in the public sector
ShadowPad SNAPPYBEE

2026-01-20 ⋅ Abstract Security ⋅ Abstract Security Threat Research Organization
Contagious Interview: Tracking the VS Code Tasks Infection Vector
BeaverTail InvisibleFerret

2026-01-20 ⋅ FalconFeeds ⋅ FalconFeeds
Inside Iran’s APT Network: Profiling the Most Active Iranian State‑Linked Threat Actors

2026-01-19 ⋅ kmsec ⋅ Kieran Miyamoto
npm package bigmathix and the BigSquatRat campaign behind it

2026-01-16 ⋅ WithSecure ⋅ Mohammad Kazem Hassan Nejad
To the past and beyond: Andariel’s latest arsenal and cyberattacks
GopherRAT JelusRAT PetitPotato

2026-01-15 ⋅ ANALYST1 ⋅ Anastasia Sentsova
Infrastructure in the Shadows: How Two Leaks Unmasked the Criminal Network of Yalishanda aka Media Land, and BlackBasta
Black Basta Black Basta

2026-01-15 ⋅ Expel ⋅ AARON WALTON
Planned failure: Gootloader’s malformed ZIP actually works perfectly
GootLoader

2026-01-14 ⋅ Hunt.io ⋅ Hunt.io
Inside China’s Hosting Ecosystem: 18,000+ Malware C2 Servers Mapped Across Major ISPs

2026-01-14 ⋅ Trellix ⋅ Mallikarjun Wali, Mohideen Abdul Khader
Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe
DCRat

2026-01-13 ⋅ Medium @0xOZ ⋅ OZ
How to Get Scammed (by DPRK Hackers)
JADESNOW

2026-01-13 ⋅ LinkedIn (Majed Ali) ⋅ Majed Ali
Dissecting a Multi-Stage Malware Campaign: How Cracked Software's Delivers ViperSoftX
ViperSoftX

2026-01-12 ⋅ Securonix ⋅ Aaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos

2026-01-12 ⋅ ⋅ Cert-UA ⋅ Cert-UA
"Unreliable Fund": targeted cyberattacks UAC-0190 against SOU using PLUGGYAPE (CERT-UA#19092)
PLUGGYAPE Void Blizzard

2026-01-09 ⋅ flare ⋅ Adrian Cheek
New Threat Actor Group PayTool Targets Canadians with Traffic Scams
PayTool