Security news aggregator

Latest coverage for Antivirus

Antivirus software detects, blocks, and removes malicious code, helping reduce the risk of malware-driven data theft and system disruption.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Antivirus software scans files and running processes to detect and remove malicious code such as viruses, worms, trojans, ransomware, and spyware. It uses signature databases, heuristic rules, and behavioral analysis to identify threats during real-time monitoring or scheduled scans. Regular updates to detection rules are necessary to recognize new malware variants and reduce false negatives.

While antivirus helps block many common malware infections on endpoints, it has limited effectiveness against advanced threats like fileless malware or attacks that evade signature detection. Security teams should combine antivirus with complementary tools such as endpoint detection and response (EDR) to improve visibility and threat hunting. Proper tuning is important to minimize false positives and performance impacts that can disrupt operations or obscure genuine alerts.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed […]

Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the Microsoft Malware Protection Engine. The company stated it is aware of the issue and is […]

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States

Trend Micro Research, News and Perspectives 2 years, 5 months ago

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.

Trend Micro Research, News and Perspectives 3 years, 10 months ago

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.