Malpedia Library

Click here to download all references as Bib-File.•

2025-07-01 ⋅ ANSSI ⋅ ANSSI
Houken: Seeking a Path by Living on The Edge With Zero-Days
GOREVERSE

2025-07-01 ⋅ ANSSI ⋅ ANSSI
Houken seeking a path by living on the edge with zero-days
GOREshell

2025-06-30 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations

2025-06-29 ⋅ Medium Sapir Twig ⋅ Sapir Twig
Inside DarkGate: In-Depth Technical Analysis of the Malware-as-a-Service Threat
DarkGate

2025-06-27 ⋅ WithSecure ⋅ Mohammad Kazem Hassan Nejad
WEEVILPROXY
WEEVILPROXY

2025-06-26 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team
GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations
GIFTEDCROOK

2025-06-25 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 3: shellcoding. x86_64 assembly intro. Simple NASM examples

2025-06-25 ⋅ Check Point Research ⋅ Check Point Research
In the Wild: Malware Prototype with Embedded Prompt Injection
Skynet

2025-06-24 ⋅ Socket ⋅ Socket
Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
BeaverTail InvisibleFerret

2025-06-24 ⋅ Trellix ⋅ Nico Paulo Yturriaga, Pham Duy Phuc
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

2025-06-23 ⋅ cegeka ⋅ Christos Katopis, Cristina Aldea
StealeriumPy: A Stealerium variant distributed through ClickFix
Stealerium

2025-06-23 ⋅ DeXpose ⋅ M4lcode
AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer
Phemedrone Stealer

2025-06-23 ⋅ Gdata ⋅ Karsten Hahn, Lance Go
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
EvilConwi

2025-06-23 ⋅ cocomelonc ⋅ cocomelonc
Linux hacking part 6: Linux kernel module with params. Simple C example

2025-06-23 ⋅ Rushter ⋅ Artem Golubin
Threat Hunting Introduction: Cobalt Strike
Cobalt Strike

2025-06-23 ⋅ Darkatlas ⋅ Darkatlas Squad
Bluenoroff (APT38) Live Infrastructure Hunting

2025-06-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks UAC-0001 (APT28) in relation to public authorities using BEARDSHELL and COVENANT
BEARDSHELL GRUNT SLIMAGENT

2025-06-20 ⋅ K7 Security ⋅ Baran S
SpyMax
SpyMax

2025-06-20 ⋅ Validin ⋅ Kenneth Kinion
Zooming through BlueNoroff Indicators with Validin

2025-06-19 ⋅ Hunt.io ⋅ Hunt.io
Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
Cobalt Strike