Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-12-18safebreachTomer Bar
Prince of Persia: A decade of Iranian Nation State APT Campaign Activity
Infy Tonnerre
2025-12-08Trend MicroAliakbar Zahravi
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
GhostPenguin
2025-11-19SpamhausJonas Arnold
The anatomy of bulletproof hosting – past, present, future
2025-10-22SentinelOneTom Hegel
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Princess
2025-10-15Palo Alto Networks Unit 42paloalto Networks: Unit42
PhantomVAI Loader Delivers a Range of Infostealers
Katz Stealer PhantomVAI
2025-10-13ProofpointKyle Cucci, Proofpoint Threat Research Team, Selena Larson, Tommy Madjar
When the monster bytes: tracking TA585 and its arsenal
MonsterV2
2025-10-09Red CanaryChris Brook, Tony Lambert
A taxonomy of Mac stealers: Distinguishing Atomic, Odyssey, and Poseidon
AMOS Odyssey Stealer Poseidon Stealer
2025-09-30Palo Alto Networks Unit 42Lior Rochberger
Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
NET-STAR
2025-09-19BlackPointCaden Toellner, Nevan Beal, Sam Decker
KeyZero: A Custom PowerShell RAT
2025-09-16SekoiaAmaury G., Charles M., Sekoia TDR
APT28 Operation Phantom Net Voxel
BEARDSHELL GRUNT SLIMAGENT
2025-09-09Positive TechnologiesViktor Kazakov
Phantom pains: a large-scale cyberespionage campaign and a possible split within the PhantomCore APT group
PhantomCore
2025-09-03ProofpointKyle Cucci, Proofpoint Threat Research Team, Rob Kinner
Not Safe for Work: Tracking and Investigating Stealerium and Phantom Infostealers
Phantom Stealer
2025-08-28DefentiveDefentive Threat Research
The Phantom Threat: Inside UNC5518’s Invisible Empire of MetaStealer Operations
MetaStealer
2025-08-27DefentiveDefentive Threat Research
Anatomy of a Real Phishing Attack: How Defentive Detected and Stopped It in Action
2025-07-22Recorded FutureInsikt Group®
Anatomy of DDoSia: NoName057(16)'s DDoS Infrastructure and Targeting
Dosia
2025-07-22AkamaiTomer Peled
Coyote in the Wild: First-Ever Malware That Abuses UI Automation
2025-07-21SentinelOneJim Walter, Simon Kenin, Tom Hegel
SharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers
2025-07-16Reverse The MalwareDiyar Saadi
Analysis CryptoMiner Sample ( Script Based )
2025-06-18Red CanaryRed Canary
Mocha Manakin delivers custom NodeJS backdoor via paste and run
Mocha Manakin
2025-06-16ProofpointJeremy Hedges, Proofpoint Threat Research Team, Tommy Madjar
Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
ACR Stealer Amatera