2025-10-22 | SentinelOne | Tom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess
2025-09-30 | Google | Aswad Robinson, Bhavesh Dhake, Laith Al, Matthew McWhirt, Michael Rudden, Omar ElAhdan
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations
2025-09-30 | Elastic | Elastic
WARMCOOKIE One Year Later: New Features and Fresh Insights
WarmCookie
2025-09-25 | Koi Security | Idan Dardikman
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails
2025-09-16 | Wiz.io | Barak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud
2025-09-02 | At-Bay | Aaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida
2025-08-26 | Google | Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395
2025-08-19 | The Wall Street Journal | Robert McMillan
Oregon Man Accused of Operating One of Most Powerful Attack ‘Botnets’ Ever Seen
RapperBot
2025-07-20 | rmceoin.github.io | Randy McEoin
Perl-based macOS/Linux Stealer
Pearl Stealer
2025-06-02 | Aryaka Networks | bikash dash, varadharajan krishnasamy
Remcos on the Wire: Analyzing Network Artifacts and C2 Command Structures
Remcos
2025-04-25 | Twitter (@teamcymru_S2) | TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure
2025-03-28 | Cisco Talos | Guilherme Venere
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Remcos
2025-02-21 | SonicWall | SonicWall
Remcos RAT Targets Europe: New AMSI and ETW Evasion Tactics Uncovered
Remcos
2025-01-30 | Bitdefender | Alexandru Maximciuc, Gheorghe Adrian Schipor, Martin Zugec, Victor Vrabie
UAC-0063: Cyber Espionage Operation Expanding from Central Asia
HATVIBE
2025-01-20 | Medium walmartglobaltech | Jason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393
2024-12-10 | cyble | Cyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare
2024-12-04 | Rapid7 | Tyler McGraw
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Black Basta Cobalt Strike DarkGate SystemBC Zloader
2024-11-08 | Fortinet | Xiaopeng Zhang
New Campaign Uses Remcos RAT to Exploit Victims
Remcos
2024-10-31 | Sophos X-Ops | Ross McKerchar
Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats
Asnarök
2024-10-31 | Sophos X-Ops | Andrew Brandt, Ross McKerchar
Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns
Asnarök Tstark