Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution
Malicious Code covers malware analysis, reported incidents, infrastructure, disruption efforts, and defensive guidance to reduce cyber risk.
Search across headline titles and summaries.
Background for this topic.
Malicious code is software, a script, or an altered program intended to perform unauthorized or harmful actions on a device or network. The term includes malware such as viruses, worms, trojans, spyware, and ransomware, as well as harmful macros or commands. Depending on its function, it may exploit a software weakness, execute with a user’s permissions, disrupt availability, or modify, destroy, or collect data.
Security teams should treat malicious code as both a prevention and detection concern: keep operating systems and applications patched, restrict unnecessary scripting and privileges, and use endpoint controls that identify unusual execution or persistence. Network and host telemetry can support investigation, while isolation and recovery from known-good backups can limit damage after execution. Analysis of samples and indicators can also guide threat intelligence and vulnerability-management priorities, but suspected code should be handled carefully to avoid executing it on production systems or exposing collected data.
Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution
Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. [...]
Old Unix Symlink Trick Lets Malicious Code Bypass User ChecksWiz researchers found that six popular AI coding assistants can be tricked into modifying sensitive files, including SSH keys, while their approval prompts display a harmless filename. The GhostApproval technique exploits a decades-old Unix symlink behavior to mislead users.
Microsoft uncovered GigaWiper, a modular Go backdoor combining three malware families with espionage, remote control, and destructive wiping features. In October 2025, Microsoft’s threat intelligence team identified destructive wiping activity inside compromised environments and traced it to a previously unknown piece of malware they’re now calling GigaWiper. The malicious code is written in Go, it […]
Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker's code on your own machine instead