Malpedia Library

Click here to download all references as Bib-File.•

2026-01-09 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

2026-01-08 ⋅ FBI ⋅ IC3
North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities

2026-01-07 ⋅ MalBeacon ⋅ MalBeacon
[Op Report] CastleRAT Campaign leads to Hands-on-Keyboard ATO Operations
NightshadeC2

2026-01-06 ⋅ Reversing Labs ⋅ Robert Simmons
Unpacking the packer ‘pkr_mtsi’
Broomstick Supper

2026-01-06 ⋅ Trellix ⋅ Aswath A
The Ghost in the Machine: Unmasking CrazyHunter's Stealth Tactics
CrazyHunter

2026-01-06 ⋅ TechCrunch ⋅ Zack Whittaker
Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software
pcTattletale

2026-01-05 ⋅ Github (cocomelonc) ⋅ cocomelonc
MacOS malware persistence 1: LaunchAgents. Simple C example

2026-01-05 ⋅ HudsonRock ⋅ InfoStealers
Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk

2026-01-02 ⋅ The Record ⋅ Jonathan Greig
Sedgwick confirms cyber incident affecting its major federal contractor subsidiary
TridentLocker

2025-12-30 ⋅ Botcrawl ⋅ Sean Doyle
Saudi Icon Data Breach Exposes 4.15TB in Alleged Kazu Ransomware Attack
Kazu

2025-12-30 ⋅ Koi Security ⋅ Gal Hachamov, Tuval Admoni
DarkSpectre: Unmasking the Threat Actor Behind 8.8 Million Infected Browsers
DarkSpectre ShadyPanda

2025-12-30 ⋅ US Department of Justice ⋅ Office of Public Affairs
Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
BlackCat BlackCat

2025-12-29 ⋅ Kaspersky ⋅ Noushin Shabab
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
PlugX TONESHELL

2025-12-29 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
Active Spear-Phishing Campaign Targeting Israeli Security-Related Individuals — Infrastructure Linked to APT42 (Hashtag#CharmingKitten)

2025-12-23 ⋅ secpod ⋅ Santosh Sethuraman
Zero-Day Crisis: CVE-2025-20393 Unpatched on Cisco Email Gateways, Exploited by China-Linked Hackers
UAT-9686

2025-12-21 ⋅ Genians ⋅ Genians
Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks
RokRAT

2025-12-19 ⋅ Intezer ⋅ Nicole Fishbein
Tracing a Paper Werewolf campaign through AI-generated decoys and Excel XLLs
EchoGather

2025-12-18 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
Access granted: phishing with device code authorization for account takeover
TA2723 UNK_AcademicFlare

2025-12-18 ⋅ HelpNetSecurity ⋅ John Wilson
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Scripted Sparrow

2025-12-18 ⋅ Acronis ⋅ Acronis Security
Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns
BADCALL POOLRAT Quasar RAT