Malpedia Library

Click here to download all references as Bib-File.•

2026-01-08 ⋅ FBI ⋅ IC3
North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities

2026-01-06 ⋅ Trellix ⋅ Aswath A
The Ghost in the Machine: Unmasking CrazyHunter's Stealth Tactics
CrazyHunter

2026-01-06 ⋅ TechCrunch ⋅ Zack Whittaker
Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software
pcTattletale

2026-01-05 ⋅ HudsonRock ⋅ InfoStealers
Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk

2025-12-30 ⋅ Koi Security ⋅ Gal Hachamov, Tuval Admoni
DarkSpectre: Unmasking the Threat Actor Behind 8.8 Million Infected Browsers

2025-12-30 ⋅ US Department of Justice ⋅ Office of Public Affairs
Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
BlackCat BlackCat

2025-12-29 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
Active Spear-Phishing Campaign Targeting Israeli Security-Related Individuals — Infrastructure Linked to APT42 (Hashtag#CharmingKitten)

2025-12-21 ⋅ Genians ⋅ Genians
Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks
RokRAT

2025-12-19 ⋅ Intezer ⋅ Nicole Fishbein
Tracing a Paper Werewolf campaign through AI-generated decoys and Excel XLLs
EchoGather

2025-12-18 ⋅ Acronis ⋅ Acronis Security
Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns
BADCALL POOLRAT Quasar RAT

2025-12-18 ⋅ Gen Digital Inc ⋅ Vojtěch Krejsa
Gen Blogs | Defeating AuraStealer: Practical Deobfuscation Workflows for Modern Infostealers
Aura Stealer

2025-12-18 ⋅ safebreach ⋅ Tomer Bar
Prince of Persia: A decade of Iranian Nation State APT Campaign Activity
Infy Tonnerre

2025-12-18 ⋅ Cyderes ⋅ Rahul Ramesh
From Loader to Looter: ACR Stealer Rides on Upgraded CountLoader
ACR Stealer CountLoader

2025-12-18 ⋅ BlackPoint ⋅ Nevan Beal, Sam Decker
New MintsLoader Variant Using Hashtable Obfuscation
MintsLoader

2025-12-17 ⋅ XLab ⋅ Acey9, Alex.Turing, RootKiter, Wang Hao
Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices
Kimwolf

2025-12-16 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2
EtherRAT

2025-12-15 ⋅ Squiblydoo ⋅ Squiblydoo
SolarMarker: Actions-On-Target
solarmarker

2025-12-15 ⋅ StrikeReady ⋅ StrikeReady Labs
Russian APT actor phishes the Baltics and the Balkans

2025-12-15 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
French Interior Ministry confirms cyberattack on email servers

2025-12-11 ⋅ Trend Micro ⋅ Daniel Lunghi, Feike Hacquebord, Ian Kenefick
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
ROMCOM RAT