Malpedia Library

Click here to download all references as Bib-File.•

2026-04-01 ⋅ Zscalar ⋅ Avinash Kumar, Jithin Prajeev Nair, Mallikarjun Piddannavar, Manisha Ramcharan Prajapati
Anthropic Claude Code Leak
GhostSocks Vidar

2026-04-01 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 13: sysinfo stealer via VirusTotal API. Simple C example

2026-03-31 ⋅ BitSight ⋅ BitSight
Ransomware with a Twizt: Inside the Phorpiex Botnet
LockBit Phorpiex

2026-03-31 ⋅ Google ⋅ Adrian Hernandez, Ashley Zaya, Austin Larsen, Christopher Gardner, Dima Lenz, Michael Rudden, Mon Liclican, Tyler McLellan
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER

2026-03-30 ⋅ ⋅ CERT.PL ⋅ CERT.PL
FvncBot Campaign Analysis
SpyFRPTunnel

2026-03-30 ⋅ Trend Micro ⋅ John Rainier Navato
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
TeamPCP

2026-03-30 ⋅ Synthient ⋅ Synthient
ProxyBox: Socks5Systemz Lives On
Socks5 Systemz

2026-03-29 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0255 cyberattack disguised as a notification from CERT-UA using the AGEWHEEZE software tool (CERT-UA#21075)
AGEWHEEZE Cyber Serp

2026-03-29 ⋅ cocomelonc ⋅ cocomelonc
MacOS malware persistence 7: Re-opened applications. Simple C example

2026-03-27 ⋅ 0x3oBAD ⋅ 0x3oBAD
Inside Mustang Panda: From Spear-Phishing Chains to PlugX — A Deep Dive into Loader Infrastructure
PlugX

2026-03-27 ⋅ Twitter (@fbgwls245) ⋅ Bitshadow
Tweet about Killada Ransomware
killada

2026-03-26 ⋅ SOCRadar ⋅ SOCRadar
Telegram Hacktivist Activity Timeline of Iran – Israel & US War
313 Team Conquerors Electronic Army Cyber Islamic Resistance Keymous+ Z-Pentest Alliance

2026-03-26 ⋅ The Record ⋅ Daryna Antoniuk
Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
Babuk LockBit Bearlyfy

2026-03-26 ⋅ Trend Micro ⋅ Ashish Verma, Deep Patel, Fernando Tucci, John Rainier Navato, Peter Girnus, Simon Dulude
Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
TeamPCP

2026-03-26 ⋅ Darktrace ⋅ Isabel Evans
Phantom Footprints: Tracking GhostSocks Malware
GhostSocks Lumma Stealer

2026-03-26 ⋅ ANY.RUN ⋅ khr0x, raptur3
Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud
magecart

2026-03-26 ⋅ Rapid7 ⋅ Rapid7
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone
BPFDoor tsh

2026-03-25 ⋅ Hexastrike Cybersecurity ⋅ Maurice Fielenbach
Trust the Tunnel, Get the Trojan: Silver Fox Delivers Atlas RAT via Weaponized VPN Installers
Atlas RAT

2026-03-25 ⋅ ANY.RUN ⋅ Achmad Adhikara, GridGuardGhoul
Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide
Kamasers

2026-03-24 ⋅ ⋅ Nguoi Lao Dong ⋅ Tuan Minh
A 12th grader in Thanh Hoa used malicious code to steal computer data users worldwide
PXA Stealer