Security news aggregator

Latest coverage for Malicious Code

Malicious Code covers malware analysis, reported incidents, infrastructure, disruption efforts, and defensive guidance to reduce cyber risk.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malicious code is software, a script, or an altered program intended to perform unauthorized or harmful actions on a device or network. The term includes malware such as viruses, worms, trojans, spyware, and ransomware, as well as harmful macros or commands. Depending on its function, it may exploit a software weakness, execute with a user’s permissions, disrupt availability, or modify, destroy, or collect data.

Security teams should treat malicious code as both a prevention and detection concern: keep operating systems and applications patched, restrict unnecessary scripting and privileges, and use endpoint controls that identify unusual execution or persistence. Network and host telemetry can support investigation, while isolation and recovery from known-good backups can limit damage after execution. Analysis of samples and indicators can also guide threat intelligence and vulnerability-management priorities, but suspected code should be handled carefully to avoid executing it on production systems or exposing collected data.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view
Trend Micro Research, News and Perspectives 1 year, 3 months ago

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines.

Trend Micro Research, News and Perspectives 1 year, 3 months ago

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.