Malpedia Library

Click here to download all references as Bib-File.•

2025-06-24 ⋅ Socket ⋅ Socket
Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
BeaverTail InvisibleFerret

2025-06-23 ⋅ Gdata ⋅ Karsten Hahn
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
EvilConwi

2025-06-23 ⋅ cocomelonc ⋅ cocomelonc
Linux hacking part 6: Linux kernel module with params. Simple C example

2025-06-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattacks UAC-0001 (APT28) in relation to public authorities using BEARDSHELL and COVENANT
BEARDSHELL SLIMAGENT

2025-06-19 ⋅ Hunt.io ⋅ Hunt.io
Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
Cobalt Strike

2025-06-19 ⋅ Government of Canada ⋅ Government of Canada
Cyber threat bulletin: People's Republic of China cyber threat activity: PRC cyber actors target telecommunications companies as part of a global cyberespionage campaign

2025-06-19 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 2: classic injection trick into macOS applications. Simple C example

2025-06-17 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi, Shubham Singh, Sunil Bharti
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Flodrix

2025-06-16 ⋅ Proofpoint ⋅ Jeremy Hedges, Proofpoint Threat Research Team, Tommy Madjar
Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
ACR Stealer Amatera

2025-06-13 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about APT27 SysUpdate activity
HyperSSL HyperSSL

2025-06-12 ⋅ Check Point Research ⋅ Check Point
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
AsyncRAT Skuld

2025-06-12 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
Vexing and Vicious: The Eerie Relationship between WordPress Hackers and an Adtech Cabal
DollyWay

2025-06-12 ⋅ Symantec ⋅ Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog

2025-06-12 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 1: stealing data via legit Telegram API. Simple C example

2025-06-11 ⋅ Interpol ⋅ Interpol
20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown

2025-06-09 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Tom Hegel
Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
GOREshell Nimbo-C2 ShadowPad

2025-06-05 ⋅ Hunt.io ⋅ Hunt.io
Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
AsyncRAT XWorm

2025-06-05 ⋅ FBI ⋅ FBI
Alert Number: I-060525-PSA - Home Internet Connected Devices Facilitate Criminal Activity
BADBOX

2025-06-05 ⋅ Cisco Talos ⋅ Asheer Malhotra, Dmytro Korzhevin, Jacob Finn
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
PathWiper

2025-06-05 ⋅ Mobile-Hacker ⋅ mh
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
SpyMax