Malpedia Library

Click here to download all references as Bib-File.•

2025-11-26 ⋅ Intrinsec ⋅ CTI Intrinsec, David Sardinha
Trouble in the air: A spree of campaigns targeting the aerospace industry in Russia
DarkWatchman CloudEyE Formbook PhantomCore Remcos

2025-11-25 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team, Jacob Faires
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
FAKEUPDATES

2025-11-22 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
India‑Aligned "Dropping Elephant" Pushes a New Stealth Marshalled‑Python Backdoor via MSBuild Dropper in Observed Activity Targeting Pakistan’s Defense Sector

2025-11-20 ⋅ Google ⋅ Dan Perez, Harsh Parashar, Tierra Duncan
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
BADAUDIO Cobalt Strike

2025-11-19 ⋅ Amazon ⋅ CJ Moses
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare

2025-11-19 ⋅ SecurityScorecard ⋅ Gilad Friedenreich Maizles, Marty Kareem
Thousands of ASUS Routers Hijacked in Global Operation “WrtHug” in a Suspected China-Backed Campaign

2025-11-19 ⋅ ESET Research ⋅ Dávid Gábriš, Facundo Muñoz
PlushDaemon compromises network devices for adversary-in-the-middle attacks
EdgeStepper LittleDaemon

2025-11-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack against an educational institution in eastern Ukraine using the GAMYBEAR software tool (CERT-UA#18329)
GAMYBEAR

2025-11-17 ⋅ 0x0d4y ⋅ 0x0d4y
Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea
ScoringMathTea

2025-11-13 ⋅ NVISO Labs ⋅ Bart Parys, Efstratios Lontzetidis, Stef Collart
Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery
BeaverTail OtterCookie InvisibleFerret Beavertail TsunamiKit

2025-11-10 ⋅ Genians ⋅ Genians
State-Sponsored Remote Wipe Tactics Targeting Android Devices
Quasar RAT Remcos

2025-11-07 ⋅ ENKI ⋅ ENKI
Lazarus Group targets Aerospace and Defense with new Comebacker variant
ComeBacker

2025-11-05 ⋅ ESET Research ⋅ ESET Research
APT Activity: Russia-Aligned APTs Ramp Up Attacks Against Ukraine and Its Strategic Partners (April 2025 – September 2025 Report)

2025-10-31 ⋅ Expel ⋅ AARON WALTON
Certified OysterLoader: Tracking Rhysida ransomware gang activity via code-signing certificates
Broomstick

2025-10-29 ⋅ Qianxin ⋅ Acey9, Alex.Turing
Smoking Gun Uncovered: RPX Relay at PolarEdge’s Core Exposed
PolarEdge

2025-10-27 ⋅ Kaspersky ⋅ Boris Larin
Mem3nt0 mori – The Hacking Team is back!
Dante

2025-10-22 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad

2025-10-20 ⋅ Darktrace ⋅ Nathaniel Jones, Sam Lister
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
SNAPPYBEE

2025-10-20 ⋅ Ransom-ISAC ⋅ Ellis Stannard
Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 1)
JADESNOW

2025-10-19 ⋅ ⋅ CNCERT ⋅ CNCERT
Technical Analysis Report on National Timing Center's National Security Agency Cyberattacks
DanderSpritz