Security news aggregator

Latest coverage for Infection

Stay informed on the latest cyber threats with our Infection tag - your source for news on malware, viruses, and cybersecurity breaches.

Tag briefing

Background for this topic.

Infection is a cyber security term that describes a scenario where a computer system or network becomes compromised by the introduction and spread of malicious software, such as viruses, worms, trojans, and ransomware. These types of malware are designed to infiltrate, damage, or take control of a system's operations without the consent or knowledge of the user or administrator.

In the context of information security, an infection can lead to numerous negative consequences, including data theft, destruction of data, compromise of system integrity, and potential spread to other connected systems or networks. Protecting against infections is essential for maintaining the confidentiality, integrity, and availability of information resources. This involves implementing strong security measures such as antivirus software, firewalls, intrusion detection systems, and adherence to best practices for managing software updates and user privileges.

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale.

Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. [...]

Trend Micro Research, News and Perspectives 1 year, 2 months ago

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines.