Malpedia Library

Click here to download all references as Bib-File.•

2025-05-20 ⋅ Acronis ⋅ Jozsef Gegeny, Prakas Thevendaran, Santiago Pontiroli
From banks to battalions: SideWinder’s attacks on South Asia’s public sector

2025-05-19 ⋅ cocomelonc ⋅ cocomelonc
AIYA - Mobile malware development book. First edition
AndroRAT Anubis CraxsRAT Dendroid FakeGram Hydra IPStorm SpyNote

2025-05-19 ⋅ CSA ⋅ Ahmad Abdillah
Reversing a Microsoft-Signed Rootkit: The Netfilter Driver
NetfilterRootkit

2025-05-19 ⋅ RalfHacker
GitHub - Adaptix-Framework//AdaptixC2
AdaptixC2

2025-05-17 ⋅ Denwp Research ⋅ Tonmoy Jitu
More_Eggs? A Venom Spider Backdoor Targeting HR
More_eggs

2025-05-16 ⋅ AhnLab ⋅ ASEC
DBatLoader (ModiLoader) Being Distributed to Turkish Users
DBatLoader

2025-05-16 ⋅ Gdata ⋅ Karsten Hahn
Printer company provided infected software downloads for half a year
SnipVex

2025-05-14 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Continued EAGERBEE (Thumtais) malware activity
EagerBee

2025-05-13 ⋅ Trend Micro ⋅ Philip Chen, Pierre Lee, Vickie Su
Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan

2025-05-13 ⋅ Proofpoint ⋅ Greg Lesnewich, Mark Kelly, Saher Naumaan
TA406 Pivots to the Front

2025-05-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
KrustyLoader SNOWLIGHT Vshell

2025-05-13 ⋅ Cisco Talos ⋅ Asheer Malhotra, Ashley Shen, Edmund Brumaghin, Vitor Ventura
Defining a new methodology for modeling and tracking compartmentalized threats

2025-05-13 ⋅ CSA ⋅ Ahmad Abdillah
Intrusion Insights Straight from Leaked Operator Chats
LockBit LockBit LockBit

2025-05-12 ⋅ Synacktiv ⋅ Maxence Fossat
Open-source toolset of an Ivanti CSA attacker
HTran iox reGeorg

2025-05-12 ⋅ Genians ⋅ Genians
Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)
RokRAT

2025-05-10 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 47: simple Windows clipboard hijacking. Simple C example.
CosmicDuke RokRAT

2025-05-09 ⋅ Lumen ⋅ Chris Formosa, Ryan English
Classic Rock: Hunting a Botnet that preys on the Old

2025-05-09 ⋅ US Department of Justice ⋅ U.S. Attorney's Office, Northern District of Oklahoma
Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
TheMoon

2025-05-09 ⋅ Lumen ⋅ Black Lotus Labs
Classic Rock: Hunting a Botnet that preys on the Old

2025-05-08 ⋅ DataBreaches.net ⋅ @chum1ng0, Dissent
Negotiations with the Akira ransomware group: an ill-advised approach
Akira