Security news aggregator

Latest coverage for Malware

The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.

37 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.

For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.

Showing 20 most recent headlines of 37 Filtered view

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware

Bank Info Security 1 year, 6 months ago

How Infoblox Streamlines Operations Across Hybrid Settings

Infoblox CEO Scott Harrell Pushes Unified Strategy Amid Hybrid Cloud ConvergenceScott Harrell, CEO of Infoblox, explores the convergence of network operations, security operations and cloud operations to tackle hybrid infrastructure complexities. He introduces Universal DDI and emphasizes a shift toward proactive threat management to counter AI-driven malware.

Also, CoinLurker Malware Steals Data via Fake UpdatesEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, LastPass breach linked to $5.4M crypto theft, CoinLurker malware steals data via fake updates, cryptocurrency key to 27 million euro seizure and nearly 800 arrested in crypto-romance scam.

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless

Trend Micro Research, News and Perspectives 1 year, 6 months ago

Python-Based NodeStealer Version Targets Facebook Ads Manager

In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram.

Bank Info Security 1 year, 6 months ago

Vulnerabilities in Azure Data Factory Open Door to Attacks

Azure Data Factory's Apache Airflow Integration Flaw Can Expose Cloud EnvironmentsSecurity researchers say now-resolved vulnerabilities in a Microsoft Azure integration with the Apache Airflow workflow management platform showcase growing sophistication of attackers. Palo Alto Unit 42 researchers said the flaws could allow hackers to deploy malware and steal data.

Loading more headlines...