A malicious software or firmware that can be file-based or file-less malware used to perform unauthorized activities on a device to undermine an information system’s confidentiality, integrity, or availability. Examples of this malicious code include a virus, worm, Trojan horse, spyware, and adware.