| 2026-04-12
⋅
cocomelonc
⋅
Mobile malware development trick 3. CPU info logger: anti-VM and anti-sandbox. Simple Android (Kotlin) example. |
| 2026-04-11
⋅
Breakglass Intelligence
⋅
We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger RandomQuery RandomQuery |
| 2026-04-10
⋅
DailyDarkWeb
⋅
Guangdong Caiding Market Group Faces Data Breach After Extortion SnowSoul |
| 2026-04-10
⋅
Infoblox
⋅
Scams, Slaves and (Malware-as-a) Service: Tracking a Trojan to Cambodia’s Scam Centers |
| 2026-04-09
⋅
Synaptic Security
⋅
Obfuscation Without Effort: Breaking a UAC-0226 GIFTEDCROOK Stealer GIFTEDCROOK |
| 2026-04-09
⋅
⋅
F6
⋅
Eastern Signature: Investigating a Cyberattack by an Asian Threat Group ShadowPad |
| 2026-04-08
⋅
Lookout
⋅
Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT ProSpy |
| 2026-04-08
⋅
Black Lotus Labs
⋅
FrostArmada: All thriller, no (malware) filler |
| 2026-04-07
⋅
CISA
⋅
AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure Cyber Av3ngers |
| 2026-04-07
⋅
Socket
⋅
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads |
| 2026-04-07
⋅
NCSC UK
⋅
UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks |
| 2026-04-07
⋅
Black Lotus Labs
⋅
FrostArmada: All thriller, no (malware) filler |
| 2026-04-07
⋅
Talos Intelligence
⋅
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations LucidKnight LucidPawn LucidRook UAT-10362 |
| 2026-04-07
⋅
RedPacket Security
⋅
[KRYBIT] – Ransomware Victim: fraper[.]com Krybit |
| 2026-04-07
⋅
Microsoft
⋅
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks |
| 2026-04-07
⋅
IC3
⋅
AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure |
| 2026-04-07
⋅
NCSC UK
⋅
APT28 exploit routers to enable DNS hijacking operations |
| 2026-04-07
⋅
Gen Digital
⋅
Remus: Unmasking The 64-bit Variant of the Infamous Lumma Stealer Lumma Stealer Remus Tenzor |
| 2026-04-06
⋅
Decrypt
⋅
North Korean Hackers Spent Six Months Infiltrating Drift Before $285M Exploit |
| 2026-04-06
⋅
PICUS Security
⋅
How NoName057(16) Uses DDoSia to Attack NATO Targets Z-Pentest Alliance |