Malpedia Library

Click here to download all references as Bib-File.•

2025-05-19 ⋅ The DFIR Report ⋅ 0xtornado, pcsc0ut, Randy Pargman
Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
Mimic Ransomware MimiKatz

2025-05-19 ⋅ RalfHacker
GitHub - Adaptix-Framework//AdaptixC2
AdaptixC2

2025-05-17 ⋅ Denwp Research ⋅ Tonmoy Jitu
More_Eggs? A Venom Spider Backdoor Targeting HR
More_eggs

2025-05-14 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Continued EAGERBEE (Thumtais) malware activity
EagerBee

2025-05-13 ⋅ Trend Micro ⋅ Philip Chen, Pierre Lee, Vickie Su
Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan

2025-05-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
KrustyLoader SNOWLIGHT Vshell

2025-05-13 ⋅ Cisco Talos ⋅ Asheer Malhotra, Ashley Shen, Edmund Brumaghin, Vitor Ventura
Defining a new methodology for modeling and tracking compartmentalized threats

2025-05-12 ⋅ Synacktiv ⋅ Maxence Fossat
Open-source toolset of an Ivanti CSA attacker
HTran iox reGeorg

2025-05-12 ⋅ ESET Research ⋅ ESET Research
ESET APT Activity Report Q4 2024–Q1 2025
BeaverTail InvisibleFerret GolangGhost

2025-05-12 ⋅ Genians ⋅ Genians
Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)
RokRAT

2025-05-10 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 47: simple Windows clipboard hijacking. Simple C example.
CosmicDuke RokRAT

2025-05-09 ⋅ Lumen ⋅ Black Lotus Labs
Classic Rock: Hunting a Botnet that preys on the Old

2025-05-08 ⋅ DataBreaches.net ⋅ @chum1ng0, Dissent
Negotiations with the Akira ransomware group: an ill-advised approach
Akira

2025-05-08 ⋅ Fortinet ⋅ Ran Mizrahi
Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware
Ratty

2025-05-08 ⋅ Forescout ⋅ Luca Barba, Sai Molige
Threat Analysis: SAP Vulnerability Exploited in the Wild by Chinese Threat Actor
Chaya_004

2025-05-07 ⋅ FBI ⋅ FBI
Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities
TheMoon

2025-05-07 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
APT35

2025-05-06 ⋅ Akamai ⋅ Kyle Lefton
Here Comes Mirai: IoT Devices RSVP to Active Exploitation
LZRD

2025-05-05 ⋅ BleepingComputer ⋅ Lawrence Abrams
New "Bring Your Own Installer" EDR bypass used in ransomware attack

2025-05-05 ⋅ Hunt.io ⋅ Hunt.io
APT36-Style ClickFix Attack Spoofs Indian Ministry to Target Windows & Linux