Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-03-31GoogleAdrian Hernandez, Ashley Zaya, Austin Larsen, Christopher Gardner, Dima Lenz, Michael Rudden, Mon Liclican, Tyler McLellan
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER
2026-03-04EG-FinCirtEG-FinCirt Malware Analysis team
Remcos RAT Operations: How Attackers Gain and Maintain Control
Remcos
2026-02-24BlueVoyantJoshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS
2026-01-19OpenSourceMalwarePaul McCarty
Contagious Interview gets an upgrade for 2026 - A comprehensive analysis by OpenSourceMalware
OtterCandy
2026-01-12SecuronixAaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos
2025-11-25Arctic WolfArctic Wolf Labs Team, Jacob Faires
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
FAKEUPDATES
2025-10-22SentinelOneTom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess
2025-10-10McAfeeHarshil Patel, Prabudh Chakravorty
Astaroth: Banking Trojan Abusing GitHub for Resilience
Astaroth
2025-09-30GoogleAswad Robinson, Bhavesh Dhake, Laith Al, Matthew McWhirt, Michael Rudden, Omar ElAhdan
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations
2025-09-30ElasticElastic
WARMCOOKIE One Year Later: New Features and Fresh Insights
WarmCookie
2025-09-25Koi SecurityIdan Dardikman
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails
2025-09-16Wiz.ioBarak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud
2025-09-09Positive TechnologiesViktor Kazakov
Phantom pains: a large-scale cyberespionage campaign and a possible split within the PhantomCore APT group
PhantomCore
2025-09-02At-BayAaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida
2025-08-26GoogleAustin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395
2025-08-25circleidWhoisXML API
RomCom and TransferLoader IoCs in the Spotlight
ROMCOM RAT TransferLoader
2025-08-19The Wall Street JournalRobert McMillan
Oregon Man Accused of Operating One of Most Powerful Attack ‘Botnets’ Ever Seen
RapperBot
2025-08-11ESET ResearchAnton Cherepanov, Damien Schaeffer, Peter Strýček
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
dynamichttp
2025-07-20rmceoin.github.ioRandy McEoin
Perl based macOS/linux Stealer
Pearl Stealer
2025-06-30ProofpointDavid Galazin, Greg Lesnewich, Kelsey Merriman, Proofpoint Threat Research Team, Selena Larson
10 Things I Hate About Attribution: RomCom vs. TransferLoader
DustyHammock MeltingClaw RustyClaw ShadyHammock SlipScreen TransferLoader TA829