Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team.More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data.More

IP Address Lookup

If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers worldwide.

Latest News


Nearly half of malware now use TLS to conceal communications

As more of the Internet uses Transport Layer Security, analysis of detection telemetry shows the volume of TLS encrypted communications by malware has doubled in a year.

BazarLoader deploys a pair of novel spam vectors

This email asks you to reach out and touch someone, and infect your computer in the process

Microsoft’s April update patches 114 bugs—half of which allow remote code execution

The fourth Patch Tuesday of 2021 is another big one. Today, Microsoft revealed 114 vulnerabilities fixed in the monthly security, over half of which could potentially be exploited for remote code execution by attackers. Of the 55 remote execution bugs, over half were tied to Windows’ Remote Procedure Call (RPC) interface. Four more were Microsoft […]

Compromised Exchange server hosting cryptojacker targeting other Exchange servers

An ouroboros of malicious cryptominers takes advantage of the ProxyLogon exploit

Black Kingdom ransomware begins appearing on Exchange servers

A novel, if not particularly well made, ransomware is spreading to Exchange servers that haven't been patched against the ProxyLogon exploit

DearCry ransomware attacks exploit Exchange server vulnerabilities

Perhaps not by coincidence, the ransomware's file encryption methodology mimics that of WannaCry.

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics