Malpedia Library

Click here to download all references as Bib-File.•

2025-08-27 ⋅ US Department of Defense ⋅ CISA
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

2025-08-27 ⋅ Defentive ⋅ Defentive Threat Research
Anatomy of a Real Phishing Attack: How Defentive Detected and Stopped It in Action

2025-08-26 ⋅ Recorded Future ⋅ Insikt Group
TAG-144’s Persistent Grip on South American Organizations
AsyncRAT BitRAT DCRat LimeRAT NjRAT PureCrypter Quasar RAT Remcos

2025-08-26 ⋅ Google ⋅ Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395

2025-08-26 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Velociraptor incident response tool abused for remote access

2025-08-25 ⋅ zimperium ⋅ Vishnu Pratapagiri
Hook Version 3: The Banking Trojan with The Most Advanced Capabilities
Hook

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
STATICPLUGIN

2025-08-24 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 10: shellcode injection via task_for_pid - create remote thread. Simple C (Intel) example

2025-08-21 ⋅ Zscaler ⋅ Himanshu Sharma
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Anatsa

2025-08-21 ⋅ GBHackers on Security ⋅ Aman Mishra
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
TamperedChef

2025-08-21 ⋅ Trellix ⋅ Sagar Bade
The Silent, Fileless Threat of VShell
Vshell

2025-08-21 ⋅ CrowdStrike ⋅ Counter Adversary Operations
MURKY PANDA: A Trusted-Relationship Threat in the Cloud

2025-08-20 ⋅ Hunt.io ⋅ Hunt.io
APT MuddyWater Deploys Multi-Stage Phishing to Target CFOs

2025-08-19 ⋅ The Wall Street Journal ⋅ Robert McMillan
Oregon Man Accused of Operating One of Most Powerful Attack ‘Botnets’ Ever Seen
RapperBot

2025-08-19 ⋅ IBM X-Force ⋅ Raymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader

2025-08-19 ⋅ Red Canary ⋅ Chris Brook, Christina Johns, Tyler Edmonds
Patching for persistence: How DripDropper Linux malware moves through the cloud

2025-08-18 ⋅ Trellix ⋅ Alex Lanstein, Pham Duy Phuc
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
XenoRAT

2025-08-18 ⋅ Medium RaghavtiResearch ⋅ BeGoodToAll
Qilin Ransomware-as-a-Service: Threat Analysis and Strategic Outlook
Qilin AgendaCrypt

2025-08-15 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example.

2025-08-15 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Vitor Ventura
UAT-7237 targets Taiwanese web hosting infrastructure
SoundBill