Malpedia Library

Click here to download all references as Bib-File.•

2026-02-25 ⋅ Twitter (@anyrun_app) ⋅ Achmad Adhikara, ANY.RUN
Tweet about KarstoRAT
KarstoRAT

2026-02-24 ⋅ BlueVoyant ⋅ Joshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS

2026-02-24 ⋅ Symantec ⋅ Threat Hunter Team
North Korean Lazarus Group Now Working With Medusa Ransomware
ComeBacker Medusa

2026-02-23 ⋅ ⋅ DisInfo ⋅ DisInfo
Technical attack, public discredit and isolation! The history of an IT company in Moldova, pushed outside the European market

2026-02-23 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SHA256 be2db69fbde37ce4b0dbd51a85cb18f78a1bfda70ef2f4ed7dcde75051f3659b (RatonRAT)
RatonRAT

2026-02-22 ⋅ Securite360.net ⋅ Muffin
OPSEC on a Budget: What BadAudio Reveals About APT24
BADAUDIO

2026-02-22 ⋅ kmsec ⋅ Kieran Miyamoto
Tracking DPRK operator IPs over time

2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-02-19 ⋅ Proofpoint ⋅ Proofpoint
(Don't) TrustConnect: It's a RAT in an RMM hat
TrustConnect RAT

2026-02-19 ⋅ GitLab ⋅ Oliver Smith
GitLab Threat Intelligence Team reveals North Korean tradecraft
BeaverTail OtterCookie Contagious Interview

2026-02-18 ⋅ Recorded Future ⋅ Insikt Group
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
SmartApeSG NetSupportManager RAT SectopRAT GrayCharlie

2026-02-17 ⋅ ANY.RUN ⋅ ANY.RUN
LATAM Businesses Hit by XWorm via Fake Financial Receipts: Full Campaign Analysis
XWorm

2026-02-17 ⋅ Kaspersky ⋅ Kaspersky
Kaspersky discovers Keenadu – a multifaceted Android malware that can come preinstalled on new devices
Keenadu

2026-02-17 ⋅ Hunt.io ⋅ Hunt.io
Fake Homebrew Typosquats Used to Deliver Cuckoo Stealer via ClickFix

2026-02-16 ⋅ Huntress Labs ⋅ Anna Pham, Michael Tigges
ClickFix Won't Die. Neither Will Matanbuchus. A New RAT and a Hands-on-Keyboard Intrusion
AstarionRAT Matanbuchus

2026-02-13 ⋅ kmsec ⋅ Kieran Miyamoto
VMWare artifacts left by a FAMOUS CHOLLIMA operator

2026-02-12 ⋅ Botcrawl ⋅ Sean Doyle
Nippon Medical School Musashi Kosugi Hospital Data Breach Claimed by NetRunnerPR
NetRunnerPR

2026-02-12 ⋅ LevelBlue ⋅ Rodel Mendrez
How ClickFix Opens the Door to Stealthy StealC Information Stealer
IClickFix Stealc

2026-02-11 ⋅ Isovalent ⋅ Jeremy Colvin
Deconstructing Voidlink: Why New AI and Cloud-Native Threats Require a New Class of Defense
VoidLink UAT-9921

2026-02-10 ⋅ Google ⋅ Google Threat Intelligence Group
Beyond the Battlefield: Threats to the Defense Industrial Base
Infrastructure Destruction Squad