Malware: Live Threat Intelligence

Track the latest malware families, loaders and campaigns in real time, with analysis of malware trends and how to defend against them.

Malware — malicious software designed to harm, exploit or gain unauthorized access — sits behind almost every cyberattack at some stage. The landscape evolves continuously as families are developed, sold, and combined. This page aggregates the latest malware research and campaign reporting from authoritative sources, with analysis below.

The malware landscape

Modern malware is increasingly modular and commoditized. Loaders establish a foothold and then deliver follow-on payloads; infostealers harvest passwords, cookies and crypto wallets and feed a booming market for stolen credentials that fuels later intrusions; and botnets rent out infected devices for spam, credential stuffing and denial-of-service attacks. A major trend is fileless malware that runs in memory using legitimate system tools, leaving little on disk for traditional antivirus to find.

Blended threats

Categories increasingly overlap: a single intrusion might begin with a trojan delivered by phishing, which drops an infostealer, which leads to ransomware. This blending is why defenders focus on behavior rather than rigid family labels — and why malware reporting so often connects to broader campaigns involving specific threat actors and their tooling.

What to watch

  • Active infostealer campaigns — a leading source of the stolen credentials behind breaches.
  • Loader-to-ransomware chains — early-stage malware that precedes encryption.
  • Abuse of legitimate tools — living-off-the-land techniques that evade signatures.

How to defend

Layered defenses cover prevention, detection and response: deploy behavior-based endpoint detection (essential against fileless and novel malware), patch to close infection routes, filter email and web traffic, apply least privilege and application control, train users, and keep tested offline backups. Track active malware families and their indicators with threat intelligence. Our guide explains the main types of malware and how to defend against them, and our indicators of compromise guide covers detection.

The live feed below tracks malware research and campaigns as they break.