Malpedia Library

Click here to download all references as Bib-File.•

2025-08-27 ⋅ ⋅ PlainBit ⋅ Heejae Hwang
PureHVNC malware disguised as a copyright infringement notice email
ClipBanker PureRAT

2025-08-27 ⋅ TRUESEC ⋅ Andreas Törnqvist, Mattias Wåhlén, Nicklas Keijser, oscar Wolf
Tamperedchef – The Bad PDF Editor
TamperedChef

2025-08-27 ⋅ StepSecurity ⋅ Anish Kurmi
Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware
s1ngularity Stealer

2025-08-27 ⋅ Recorded Future ⋅ Insikt Group
One Step Ahead: Stark Industries Solutions Preempts EU Sanctions

2025-08-27 ⋅ Anthropic ⋅ Anthropic
Anthropic - Threat Intelligence Report: August 2025
BeaverTail OtterCookie GolangGhost InvisibleFerret GolangGhost

2025-08-27 ⋅ US Department of Defense ⋅ CISA
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

2025-08-27 ⋅ Defentive ⋅ Defentive Threat Research
Anatomy of a Real Phishing Attack: How Defentive Detected and Stopped It in Action

2025-08-26 ⋅ Recorded Future ⋅ Insikt Group
TAG-144’s Persistent Grip on South American Organizations
AsyncRAT BitRAT DCRat LimeRAT NjRAT PureCrypter Quasar RAT Remcos

2025-08-26 ⋅ Google ⋅ Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395

2025-08-26 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Velociraptor incident response tool abused for remote access

2025-08-26 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet about PromptLock discovery
PromptLock

2025-08-25 ⋅ zimperium ⋅ Vishnu Pratapagiri
Hook Version 3: The Banking Trojan with The Most Advanced Capabilities
Hook

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
STATICPLUGIN

2025-08-24 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 10: shellcode injection via task_for_pid - create remote thread. Simple C (Intel) example

2025-08-23 ⋅ LevelBlue ⋅ Jeff Kieschnick
Like PuTTY in Admin’s Hands
Broomstick

2025-08-22 ⋅ K7 Security ⋅ Harihara Sudhan
Examining the tactics of BQTLOCK Ransomware & its variants
BQTlock

2025-08-21 ⋅ Zscaler ⋅ Himanshu Sharma
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Anatsa

2025-08-21 ⋅ GBHackers on Security ⋅ Aman Mishra
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
TamperedChef

2025-08-21 ⋅ Trellix ⋅ Sagar Bade
The Silent, Fileless Threat of VShell
VShell

2025-08-21 ⋅ Swiss Post Cybersecurity ⋅ Louis Schürmann
The ClickFix Deception: How a Fake CAPTCHA Deploys an Evasive Infostealer
donut_injector