2026-04-14 | ANY.RUN | ANY.RUN
When Trust Becomes a Weapon: Google Cloud Storage Phishing Deploying Remcos RAT
Remcos
2026-04-02 | Elastic | Remco Sprooten, Ruben Groenewoud
Hooked on Linux: Rootkit Detection Engineering
2026-04-01 | Zscaler | Avinash Kumar, Jithin Prajeev Nair, Mallikarjun Piddannavar, Manisha Ramcharan Prajapati
Anthropic Claude Code Leak
GhostSocks Vidar
2026-03-31 | Google | Adrian Hernandez, Ashley Zaya, Austin Larsen, Christopher Gardner, Dima Lenz, Michael Rudden, Mon Liclican, Tyler McLellan
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
WAVESHAPER
2026-03-05 | Elastic | Remco Sprooten, Ruben Groenewoud
Hooked on Linux: Rootkit Taxonomy, Hooking Techniques and Tradecraft
2026-03-04 | EG-FinCirt | EG-FinCirt Malware Analysis team
Remcos RAT Operations: How Attackers Gain and Maintain Control
Remcos
2026-02-25 | Google | 0verfl0w_, Anton Chuvakin, Bob Mechler, Crystal Lister, Eduardo Mattos, Google, Jason Bisson, Joachim Metz, John Stone, Jorge Blanco, Keith Lunden, Lia Wertheimer, Matthew Siuda, Michael Robinson, Muhammad Muneer, Noah McDonald, Ollie Green, Seth Rosenblatt
Cloud Threat Horizons Report: H1 2026
UNC6426
2026-02-24 | BlueVoyant | Joshua Green, Patrick Mchale
Mercenary Akula Hits Ukraine-Supporting Financial Institution
RMS
2026-01-19 | OpenSourceMalware | Paul McCarty
Contagious Interview gets an upgrade for 2026 - A comprehensive analysis by OpenSourceMalware
OtterCandy
2026-01-12 | Securonix | Aaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos
2025-11-25 | Arctic Wolf | Arctic Wolf Labs Team, Jacob Faires
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
FAKEUPDATES
2025-10-22 | SentinelOne | Tom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess
2025-10-10 | McAfee | Harshil Patel, Prabudh Chakravorty
Astaroth: Banking Trojan Abusing GitHub for Resilience
Astaroth
2025-09-30 | Google | Aswad Robinson, Bhavesh Dhake, Laith Al, Matthew McWhirt, Michael Rudden, Omar ElAhdan
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations
2025-09-30 | Elastic | Elastic
WARMCOOKIE One Year Later: New Features and Fresh Insights
WarmCookie
2025-09-25 | Koi Security | Idan Dardikman
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails
2025-09-23 | F6 | F6
Bearlyfy: the evolution of the new group of ransomware and its connection with PhantomCore
LockBit LockBit PhantomCore Bearlyfy
2025-09-16 | Wiz.io | Barak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud
2025-09-09 | Positive Technologies | Viktor Kazakov
Phantom pains: a large-scale cyberespionage campaign and a possible split within the PhantomCore APT group
PhantomCore
2025-09-02 | At-Bay | Aaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida