Malpedia Library

Click here to download all references as Bib-File.•

2026-01-28 ⋅ Google ⋅ Google Threat Intelligence Group
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network

2026-01-27 ⋅ Google ⋅ Google Threat Intelligence Group
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

2025-12-12 ⋅ Google ⋅ Aragorn Tseng, Austin Larsen, CASEY CHARRIER, Genevieve Stark, Robert Weiner, Zander Work
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
ANGRYREBEL MINOCAT SNOWLIGHT Earth Lamia

2025-12-04 ⋅ Aryaka Networks ⋅ bikash dash, varadharajan krishnasamy
Scam in the Cloud How Fraudsters Exploit Google Cloud Storage (GCS) for Deceptive Campaigns

2025-11-20 ⋅ Google ⋅ Dan Perez, Harsh Parashar, Tierra Duncan
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
BADAUDIO Cobalt Strike

2025-10-20 ⋅ Google ⋅ Wesley Shields
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
MAYBEROBOT NOROBOT YESROBOT

2025-09-30 ⋅ Google ⋅ Aswad Robinson, Bhavesh Dhake, Laith Al, Matthew McWhirt, Michael Rudden, Omar ElAhdan
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations

2025-09-24 ⋅ Google ⋅ Ashley Pearson, Austin Larsen, BRAD SLAYBAUGH, Doug Bienstock, Geoff Carstairs, John Wolfram, Josh Madeley, Josh Murchie, Matt Lin, Sarah Yoder
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
BRICKSTORM

2025-09-05 ⋅ Arctic Wolf ⋅ Dmitry Kupin, Dmitry Melikov, Jacob Faires, Jon Grimm, Pavel Usatenko
GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe

2025-08-26 ⋅ Google ⋅ Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
PlugX UNC6384

2025-08-25 ⋅ Google ⋅ Google Threat Intelligence Group
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
STATICPLUGIN

2025-07-08 ⋅ Koi Security ⋅ Idan Dardikman
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.

2025-06-18 ⋅ Google ⋅ Gabby Roncone, Wesley Shields
What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
UNC6293

2025-06-04 ⋅ Google ⋅ Google Threat Intelligence Group
The Cost of a Call: From Voice Phishing to Data Extortion
UNC6040

2025-05-28 ⋅ Google ⋅ Patrick Whitsell
Mark Your Calendar: APT41 Innovative Tactics
TOUGHPROGRESS

2025-05-07 ⋅ Google ⋅ Wesley Shields
COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
LOSTKEYS

2025-04-30 ⋅ Google Cloud Community ⋅ Praveeth DSouza
Finding Malware: Unveiling LUMMAC.V2 with Google Security Operations
Lumma Stealer

2025-04-21 ⋅ Twitter (@browsercookies) ⋅ Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.

2025-03-31 ⋅ GootLoader Wordpress ⋅ gootloadersites
Gootloader Returns: Malware Hidden in Google Ads for Legal Documents
GootLoader