Security news aggregator

Latest coverage for Malware

The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.

21 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.

For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.

Showing 20 most recent headlines of 21 Filtered view

Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey

Security boffins warn flaw is now being used for ransomware attacks against live networks Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in some cases, deliver ransomware.…

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express)

Experts Say AI Is Already Enabling Faster and Harder-to-Detect Attack CampaignsArtificial intelligence-fueled malware and automated cyber tools are enabling faster, more adaptive attacks at scale, with experts warning Congress that adversaries are now leveraging AI and quantum advances to outpace defenders and bypass outdated security architectures.

Ink Dragon Compromised IIS Networks to Relay ShadowPad MalwareA Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as "Ink Dragon."

Also: macOS Naughty or Nice, Cybercrime Karma, Spoofing Legacy Rail InfrastructureLondon in December: Early to dark, quick to rain but also festive - and a mecca for cybersecurity researchers there for the annual Black Hat Europe conference. This year's event featured nearly 50 briefings that touched on everything from hardware hacking to combing infostealer logs for hidden gems.

Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware.

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Loading more headlines...