Latest coverage for Malware
The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.
For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.
Breach Roundup: AI 'Nudify' Sites Serve Malware
Also: Prison Sentences for BEC Scammers and a West African Cybercrime CrackdownThis week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?
Linux malware “perfctl” behind years-long cryptomining campaign
A Linux malware named "perfctl" has been targeting Linux servers and workstations for at least three years, remaining largely undetected through high levels of evasion and the use of rootkits. [...]
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software
AI 'Nude Photo Generator' Delivers Infostealers Instead of Images
The FIN7 group is mounting a sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes out of photos.
FIN7 Gang Hides Malware in AI “Deepnude” Sites
Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Armed with a staggering arsenal of at least 20,000 different exploits for various Linux server misconfigurations, perfctl is everywhere, annoying, and tough to get rid of.
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. [...]
Fake browser updates spread updated WarmCookie malware
A new 'FakeUpdate' campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie malware. [...]
Stonefly Group Targets US Firms With New Malware Tools
North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment
Python-Based Malware Slithers Into Systems via Legit VS Code
The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent remote access to victim machines.
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures
Evil Corp/REvil Malware Crime Group Outed As Family Affair
5 Must-Have Tools for Effective Dynamic Malware Analysis
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in
Ransomware forces hospital to turn away ambulances
Only level-one trauma unit in 400 miles crippled Ransomware scumbags have caused a vital hospital to turn away ambulances after infecting its computer systems with malware.…