Malware encompasses trojans, worms, infostealers, and other malicious software used to gain unauthorized access, exfiltrate data, or establish persistent footholds in target environments. defend.network monitors new malware families, variant evolution, and distribution campaigns reported by security researchers and threat intelligence vendors.
Over 400 Arch Linux AUR packages compromised with credential stealer and eBPF rootkit; China-linked Velvet Ant backdoored Linux authentication for decade; Google sues Chinese phishing-as-a-service using Gemini AI.
Critical threats including TCLBANKER banking trojan, Canvas platform breach disrupting nationwide education, and active Ivanti zero-day exploitation require immediate response across financial, education, and government sectors.
Critical supply chain attacks on developer platforms, Russian state-sponsored token theft via router exploits, and unpatched Windows RPC privilege escalation demand immediate defensive action.
Critical threats include FIRESTARTER backdoor persistence on federal Cisco devices, Russian military token theft via router exploitation, Chinese APT GopherWhisper attacks, and four actively exploited CISA KEV vulnerabilities with May 2026 federal patching deadline.
FIRESTARTER backdoor persists on federal Cisco infrastructure despite patches; Russian state actors harvesting Office tokens via router exploits; four critical CVEs added to CISA KEV with May 2026 deadline; APT campaigns targeting U.S. defense sector; AI-powered phishing escalates to personalized 1-to-1 attacks.
FIRESTARTER backdoor persists on federal Cisco infrastructure despite patches. Russian military intelligence harvesting Office tokens via router exploits. Chinese APT targeting NASA and defense sector with spear-phishing. AI-powered phishing and FakeWallet credential theft escalating.
Critical supply chain attacks via malicious Docker images and npm worms, state-sponsored credential theft campaigns targeting Microsoft Office, and destructive Lotus Wiper malware deployed against Venezuelan energy infrastructure require immediate response across all organizations.
Critical zero-day vulnerabilities in Chrome and TrueConf under active exploitation, combined with widespread malware campaigns targeting mobile and enterprise infrastructure.
Critical supply-chain compromise of Telnyx PyPI package, active iOS exploitation, state-sponsored wiper attacks on medical device firm, and advanced APT malware targeting telecom infrastructure demand immediate response.
Critical supply chain attacks on Trivy scanner and VS Code, destructive Iran-linked wipers targeting Kubernetes, and phishing-as-a-service platforms resurging with 29K IRS victims. Initial access now occurs in 22 seconds.
Subscribe free and never miss a threat briefing.