Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2026-02-05SymantecThreat Hunter Team
Black Basta: Defense Evasion Capability Embedded in Ransomware Payload
Black Basta
2026-01-30LevelBlueEvgeny Ananin, Mark Tsipershtein, Nikita Kazymirskyi
19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware: Part 1
LockBit LockBit
2026-01-28Hunt.ioHunt.io
Exposed Open Directory Leaks a Full BYOB Deployment Across Windows, Linux, and macOS
2026-01-12SecuronixAaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos
2025-11-02SymantecBroadcom, Symantec
Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM
Agent Tesla
2025-10-15SymantecThreat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia
REF7707
2025-09-03DarkrymDarkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT
2025-08-31DarkrymDarkrym
PXA Stealers Evolution to PureRAT: Part 3 - Weaponised Python Stage (Stage 5)
PXA Stealer
2025-08-19IBM X-ForceRaymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader
2025-06-20K7 SecurityBaran S
SpyMax
SpyMax
2025-06-18ElasticSalim Bitam
A Wretch Client: From ClickFix deception to information stealer deployment
HijackLoader Lumma Stealer SectopRAT
2025-06-12SymantecCarbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog
2025-05-02Arctic WolfArctic Wolf Labs Team
Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims
More_eggs
2025-04-25Twitter (@teamcymru_S2)TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure
2025-04-23Cisco TalosAsheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-10SymantecThreat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine
2025-04-08Team CymruS2 Research Team
Inside DanaBot’s Infrastructure: In Support of Operation Endgame II
DanaBot
2025-04-08TrustwaveNikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta
2025-02-21cyjaxCymon
How’s that for a malicious Linkc, new group launches DLS
LinkC Pub
2025-02-20Trend MicroDaniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor PlugX ShadowPad Teleboyi