Stay informed on the latest malware threats. Explore news, analysis, and insights on malicious software that targets data security. Stay safe online.
Search across headline titles and summaries.
Background for this topic.
Malware is a contraction of "malicious software," which encompasses a variety of software programs designed with the intent to harm, exploit, or otherwise negatively affect computers, servers, networks, and computer systems. In the realm of information security, malware represents one of the most pervasive and challenging threats.
Malware comes in multiple forms, including viruses, worms, spyware, trojan horses, ransomware, and adware, among others. Each type has a unique behavior but shares the common goal of disrupting operations, stealing sensitive information, gaining unauthorized access to system resources, and potentially causing significant damage to data and infrastructure.
In the context of information security, the presence of malware can compromise the confidentiality, integrity, and availability of information. It can also lead to financial losses, damage to an organization's reputation, and legal consequences. Information security strategies, therefore, prioritize the prevention, detection, and removal of malware to safeguard information assets from these malicious threats.
Weekly headline count for the current query.
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [...]
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The […]
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]
A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is […]
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]
TeamPCP? Or copycat malware dev?
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma." [...]
Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data. [...]
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives […]
GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian, […]
Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. [...]
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]