2026-01-26 | Trend Micro | Joseph C Chen, Ted Lee
PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
PeckBirdy GRAYRABBIT
2025-12-11 | Trend Micro | Daniel Lunghi, Feike Hacquebord, Ian Kenefick
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
ROMCOM RAT
2025-12-10 | Trend Micro | Ashish Verma, Deep Patel, Jack Walsh, Lucas Silva, Peter Girnus
CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation
2025-12-08 | Trend Micro | Aliakbar Zahravi
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
GhostPenguin
2025-12-02 | Trend Micro | Byron Gelera, Emmanuel Panopio, Ian Kenefick, Jeffrey Francis Bonaobra, Joe Soares, Sarah Pearl Camiling
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Water Saci
2025-10-27 | Trend Micro | Emmanuel Panopio, Jeffrey Francis Bonaobra, Joe Soares
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Water Saci
2025-10-22 | Trend Micro | Daniel Lunghi, Joseph C Chen, Lenart Bermejo, Leon M Chang, Vickie Su
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Cobalt Strike DracuLoader ShadowPad
2025-10-15 | Trend Micro | Dove Chiu, Lucien Chuang
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits
2025-09-25 | Trend Micro | Jacob Santos, Sarah Pearl Camiling
New LockBit 5.0 Targets Windows, Linux, ESXi
LockBit LockBit
2025-09-11 | Trend Micro | Armando Nathaniel Pedragoza, Emmanuel Panopio, Emmanuel Roll, Jeffrey Francis Bonaobra, Joshua Aquino, Joshua Lijandro Tsang, Marco Dela Vega, Melvin Singwa, Mohammed Malubay
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
TamperedChef
2025-08-28 | Trend Micro | Nick Dai, Pierre Lee
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
Cobalt Strike Merlin
2025-06-17 | Trend Micro | Ahmed Mohamed Ibrahim, Aliakbar Zahravi, Shubham Singh, Sunil Bharti
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Flodrix
2025-06-16 | Trend Micro | Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub
2025-05-27 | Trend Micro | Joseph C Chen
Earth Lamia Develops Custom Arsenal to Target Multiple Industries
BypassBoss Cobalt Strike JuicyPotato PULSEPACK STOWAWAY VShell Earth Lamia
2025-05-13 | Trend Micro | Philip Chen, Pierre Lee, Vickie Su
Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
TIDRONE
2025-04-25 | Trend Micro | Nick Dai, Sunny Lu
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
KRNRAT Moriya Earth Kurma
2025-04-23 | Trend Micro | Feike Hacquebord, Stephen Hilt
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
BeaverTail FrostyFerret GolangGhost InvisibleFerret GolangGhost WageMole
2025-04-14 | Trend Micro | Fernando Mercês
BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
BPFDoor Red Menshen
2025-03-31 | Trend Micro | Lenart Bermejo, Ted Lee, Theo Chen
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
Godzilla Webshell Cobalt Strike FINALDRAFT RAILSETTER Earth Alux
2025-03-28 | Trend Micro | Ahmed Mohamed Ibrahim, Aliakbar Zahravi
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
DarkWisp SilentPrism Kematian Stealer Rhadamanthys Stealc Water Gamayun