We've just onboard another malware analysis service on MalwareBazaar: @malva_re 🎉. MalwareBazaar now includes detection from @malva_re as well as tags and malware configuration files🪲🔍. Here's a sample report:.👉

Yep…we’re mentioning it again because 13th time’s the lucky one, right? 😜. 📢 It’s only 7 days until you’ll need to authenticate to access data via API across ALL our platforms. We’re doing this update to help us manage heavy usage and keep things running smoothly for everyone

Active #CobaltStrike botnet C2 with watermark 100000000 🔥. ⛔️ https://api.micosoftr .icu/djiowejdf.⛔️ https://www.googleapi .top/jquery-3.3.1.min.js. Pointing to:.📡43.163.107 .212:443 Tencent 🇨🇳. Sample:.📄 IOCs on ThreatFox🦊.

We are happy to announce the integration of @kunai_project Linux Sandbox on MalwareBazaar 🥳 . Sample ELF X86 report ⤵️.

There's a #MassLogger malware campaign using an allegedly compromised email account🪝of an employee at the Ministry of Agriculture, Water Management and Forestry of Bosnia and Herzegovina 🇧🇦, used to exfiltrate data from compromised devices through SMTP 🔥. Corresponding malware

After the #Lumma Stealer takedown a few weeks ago, threat actors moved away from Cloudflare to AS47105 Vault Dweller OU 🇪🇪 with Finnish upstream Creanova 🇫🇮. ⛔ 195.82.146.193:443.⛔ 195.82.146.221:443.⛔ 195.82.146.223:443. Not only Lumma botnet C2s are hosted there as.

📢 Heads-up! In just 3 WEEKS authentication will be required to access data via API across ALL our platforms. This change will help us manage heavy usage and keep things running smoothly for everyone ➡️ #SteadyPlatform #SteadySignal. Rely on our APIs? . #AuthenticateNow, to avoid

URLHaus Blocklist comparison, now includes @DNS4EU 🇪🇺, currently with coverage of 70% of all active malware distribution domains/hostnames tracked URLhaus 📊. Example URL report:.🌐 Comparison with other blocklist providers:.🔎

RT @spamhaus: This month Spamhaus' Exploits Blocklist reached 5 million IPs listed for use in third-party exploits! 🎉 For optimum filtering….

RT @spamhaus: 📢 OPERATION ENDGAME 2.0 UPDATE | Following last week's announcement, we’re seeing great progress with remediation efforts. ….

RT @g0njxa: First thoughts about #Lumma Stealer "disruption" (?):. There's no need in calling big names on something that (from what I've r….

❗️Attention | Platform integrators of @abuse_ch's data. From June 30, 2025, users of our data will be required to use an authentication key to access our APIs. This means that any user accessing the @abuse_ch's data from your platform will require functionality to input an.

The European Council 🇪🇺 has issued sanctions against Stark Industries, a hosting company registered in the UK 🇬🇧, as "they have been acting as enablers of various Russian state-sponsored and affiliated actors to conduct destabilising activities including, information manipulation

#ItsNewFeatureTuesday! (That’s a thing, right?) 😎.You can now share searches with 3rd parties without them needing to authenticate to view the results! It’s a neat feature that will save time and hassle. Here's how it works ⤵️.1) User (authenticated!) searches on

📢 Reminder: Rate limits have been introduced for excessive API queries from unauthenticated users to keep the platforms running smoothly for everyone. If you experience issues #Authenticate – it’s quick, easy to do, and helps ensure the platforms are stable for all.