Malpedia Library

Click here to download all references as Bib-File.•

2026-02-22 ⋅ Securite360.net ⋅ Muffin
OPSEC on a Budget: What BadAudio Reveals About APT24
BADAUDIO

2026-02-22 ⋅ kmsec ⋅ Kieran Miyamoto
Tracking DPRK operator IPs over time

2026-02-21 ⋅ kmsec ⋅ Kieran Miyamoto
DPRK tests Google Drive as a malware stager

2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-02-19 ⋅ Proofpoint ⋅ Proofpoint
(Don't) TrustConnect: It's a RAT in an RMM hat
TrustConnect RAT

2026-02-19 ⋅ GitLab ⋅ Oliver Smith
GitLab Threat Intelligence Team reveals North Korean tradecraft
BeaverTail OtterCookie Contagious Interview

2026-02-18 ⋅ Recorded Future ⋅ Insikt Group
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
SmartApeSG NetSupportManager RAT SectopRAT GrayCharlie

2026-02-17 ⋅ Hunt.io ⋅ Hunt.io
Fake Homebrew Typosquats Used to Deliver Cuckoo Stealer via ClickFix

2026-02-17 ⋅ Google ⋅ Daniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201

2026-02-17 ⋅ ⋅ CERT.PL ⋅ CERT.PL
ClickFix in action: how a fake captcha can encrypt an entire company
Latrodectus Supper

2026-02-17 ⋅ ANY.RUN ⋅ ANY.RUN
LATAM Businesses Hit by XWorm via Fake Financial Receipts: Full Campaign Analysis
XWorm

2026-02-16 ⋅ kmsec ⋅ Kieran Miyamoto
Exposed DPRK reference malware and logs

2026-02-16 ⋅ Huntress Labs ⋅ Anna Pham, Michael Tigges
ClickFix Won't Die. Neither Will Matanbuchus. A New RAT and a Hands-on-Keyboard Intrusion
AstarionRAT Matanbuchus

2026-02-15 ⋅ Github (jrm360seclab) ⋅ Johny Metellus
AODIN X1BQ Projector — Pre-Installed Vo1d Botnet Malware
Void

2026-02-13 ⋅ kmsec ⋅ Kieran Miyamoto
VMWare artifacts left by a FAMOUS CHOLLIMA operator

2026-02-12 ⋅ Botcrawl ⋅ Sean Doyle
Nippon Medical School Musashi Kosugi Hospital Data Breach Claimed by NetRunnerPR
NetRunnerPR

2026-02-12 ⋅ Sekoia ⋅ Pierre Le Bourhis
OysterLoader Unmasked: The Multi-Stage Evasion Loader
Broomstick

2026-02-12 ⋅ LevelBlue ⋅ Rodel Mendrez
How ClickFix Opens the Door to Stealthy StealC Information Stealer
IClickFix Stealc

2026-02-11 ⋅ Isovalent ⋅ Jeremy Colvin
Deconstructing Voidlink: Why New AI and Cloud-Native Threats Require a New Class of Defense
VoidLink UAT-9921

2026-02-11 ⋅ Bitdefender ⋅ Bogdan Ionut Lazar, Janos Gergo Szeles, Manuel Dragomir
LummaStealer Is Getting a Second Life Alongside CastleLoader
CASTLELOADER Lumma Stealer