Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-04-15Orange CyberdefenseAlexis Bonnefoi, Marine PICHON, Thomas Brossard
Smoking Out an Affiliate: SmokedHam, Qilin, a few Google Ads and some Bossware
Qilin AgendaCrypt SMOKEDHAM
2026-04-15Orange CyberdefenseAlexis Bonnefoi, Marine PICHON, Thomas Brossard
Smoking Out an Affiliate: SmokedHam, Qilin, a few Google ads and some bossware
AgendaCrypt SMOKEDHAM
2026-04-14ANY.RUNANY.RUN
When Trust Becomes a Weapon: Google Cloud Storage Phishing Deploying Remcos RAT
Remcos
2026-03-31GoogleAdrian Hernandez, Ashley Zaya, Austin Larsen, Christopher Gardner, Dima Lenz, Michael Rudden, Mon Liclican, Tyler McLellan
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER
2026-03-18GoogleGoogle Threat Intelligence Group
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
GHOSTBLADE
2026-03-03GoogleGoogle Threat Intelligence Group
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Coruna
2026-03-03GoogleGoogle Threat Intelligence Group
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Coruna UNC6353 UNC6691
2026-02-26Group-IBHans Figueroa, Vlada Govorova
GTFire Phishing Scheme: Avoiding Detection Using Google Services
GTFire
2026-02-25Google0verfl0w_, Anton Chuvakin, Bob Mechler, Crystal Lister, Eduardo Mattos, Google, Jason Bisson, Joachim Metz, John Stone, Jorge Blanco, Keith Lunden, Lia Wertheimer, Matthew Siuda, Michael Robinson, Muhammad Muneer, Noah McDonald, Ollie Green, Seth Rosenblatt
Cloud Threat Horizons Report: H1 2026
UNC6426
2026-02-21kmsecKieran Miyamoto
DPRK tests Google Drive as a malware stager
2026-02-17GoogleDaniel Sislo, Fernando Tomlinson, John Scarbrough, Jr., Nick Harbour, PETER UKHANOV, Rich Reece
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
BRICKSTORM GRIMBOLT SLAYSTYLE UNC6201
2026-02-10GoogleGoogle Threat Intelligence Group
Beyond the Battlefield: Threats to the Defense Industrial Base
Infrastructure Destruction Squad
2026-01-30GoogleMandiant
Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft
UNC6671
2026-01-28GoogleGoogle Threat Intelligence Group
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network
2026-01-27GoogleGoogle Threat Intelligence Group
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088
2025-12-12GoogleAragorn Tseng, Austin Larsen, CASEY CHARRIER, Genevieve Stark, Robert Weiner, Zander Work
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
ANGRYREBEL MINOCAT SNOWLIGHT Earth Lamia
2025-12-04Aryaka Networksbikash dash, varadharajan krishnasamy
Scam in the Cloud How Fraudsters Exploit Google Cloud Storage (GCS) for Deceptive Campaigns
2025-11-20GoogleDan Perez, Harsh Parashar, Tierra Duncan
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
BADAUDIO Cobalt Strike
2025-11-05GoogleGoogle Threat Intelligence Group
GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools
PromptLock UNC1069
2025-10-20GoogleWesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT