Malpedia Library

Click here to download all references as Bib-File.•

2025-12-10 ⋅ zimperium ⋅ Vishnu Pratapagiri
Total Takeover: DroidLock Hijacks Your Device
DroidLock

2025-12-10 ⋅ Netresec ⋅ Erik Hjelmvik
Latrodectus BackConnect
IcedID Keyhole Latrodectus

2025-12-09 ⋅ Recorded Future ⋅ Insikt Group
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
CASTLELOADER Matanbuchus NightshadeC2 GrayBravo

2025-12-09 ⋅ CISA ⋅ CISA
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure

2025-12-09 ⋅ Department of Justice ⋅ Office of Public Affairs
Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups

2025-12-09 ⋅ Environmental Protection Agency ⋅ EPA Press Office
Foreign National Indicted and Extradited to the United States for Role in Two Russia-Linked Cyber Hacking Groups

2025-12-09 ⋅ Department of Justice ⋅ U.S. Attorney's Office Central District of California
Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups

2025-12-09 ⋅ BlackPoint ⋅ Sam Decker
Snakes in the Castle: Inside the Walls of Python-Driven CastleLoader Delivery
CASTLELOADER

2025-12-08 ⋅ Ransom-ISAC ⋅ Andrii Sovershennyi, Nick Smart
Cross-Chain TxDataHiding Crypto Heist: A Very (Very) Chainful Process (Part 4)
JADESNOW

2025-12-08 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks
EtherRAT

2025-12-04 ⋅ Controlware ⋅ Serkan Sirmaci
Beyond Potentially Unwanted Apps
TamperedChef

2025-12-04 ⋅ Amazon ⋅ CJ Moses
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)

2025-12-04 ⋅ CISA ⋅ Canadian Centre for Cyber Security, CISA, NSA
Malware Analysis Report (MAR) BRICKSTORM Backdoor
BRICKSTORM

2025-12-03 ⋅ Hunt.io ⋅ Hunt.io
Malicious VSCode Extension Launches Multi-Stage Attack Chain with Anivia Loader and OctoRAT
OctoRAT

2025-12-02 ⋅ Github (cocomelonc) ⋅ cocomelonc
HVCK magazine - issue 1: How to “hack” your Epson printer

2025-12-02 ⋅ Trend Micro ⋅ Byron Gelera, Emmanuel Panopio, Ian Kenefick, Jeffrey Francis Bonaobra, Joe Soares, Sarah Pearl Camiling
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Water Saci

2025-12-02 ⋅ ⋅ Positive Technologies ⋅ Igor Shiryaev, Kirill Navoshchik, Maxim Shamanov, Stanislav Pyzhov, Vladislav Lunin
(Ex)Cobalt. A review of the group's tools in attacks for 2024-2025
PUMAKIT

2025-12-01 ⋅ Kaspersky Labs ⋅ Kaspersky Lab ICS CERT
APT and financial attacks on industrial organizations in Q3 2025
ComicForm

2025-12-01 ⋅ NetAskari Substack ⋅ NetAskari
Critical strike: China's hacking training grounds (PART 2)

2025-11-26 ⋅ Intrinsec ⋅ CTI Intrinsec, David Sardinha
Trouble in the air: A spree of campaigns targeting the aerospace industry in Russia
DarkWatchman CloudEyE Formbook PhantomCore Remcos