Security news aggregator

Latest coverage for Malware

The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.

For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.

Showing 18 most recent headlines Filtered view

Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike

Bank Info Security 2 years, 4 months ago

Hackers Hiding Keylogger, RAT Malware in SVG Image Files

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RATThreat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.

The Hacker News 2 years, 4 months ago

Demystifying a Common Cybersecurity Myth

One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the

Bank Info Security 2 years, 4 months ago

Dropbox Used in Latest Exploit for Phishing Attacks

Darktrace Warns of Malware Hidden in PDF Stored in DropboxPhishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.

A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts