A classification of major cybersecurity threats including malware, phishing, DDoS attacks, SQL injection, and XSS.
Overview
Types of Cybersecurity Threats
Types of cybersecurity threats is a classification of digital attacks targeting organizations and individuals. It covers major threat categories including malware (ransomware, spyware, trojans, etc.), phishing (including targeted attack emails), DDoS attacks (Distributed Denial of Service), SQL injection, and Cross-Site Scripting (XSS). These threats compromise the CIA triad of confidentiality, integrity, and availability, causing data breaches, business disruptions, and financial losses. In 2025, new threats such as AI-powered attacks and supply chain attacks are also on the rise.
cybersecurity
information security
malware
phishing
DDoS
SQL injection
XSS
OWASP
ransomware
| code | slug | name | description | category |
|---|---|---|---|---|
| 01 | malware | Malware | A general term for malicious software, including viruses, worms, trojans, ransomware, and spyware. | Malware Attack |
| 02 | phishing | Phishing | A fraudulent attack method that impersonates legitimate organizations to steal personal information and credentials. | Social Engineering |
| 03 | ddos-attack | DDoS Attack | Distributed Denial of Service attack. Simultaneously accesses from multiple computers to stop services. | Availability Attack |
| 04 | sql-injection | SQL Injection | An attack that exploits web application vulnerabilities to inject malicious SQL statements into databases. | Injection Attack |
| 05 | xss | Cross-Site Scripting (XSS) | An attack that embeds malicious scripts into websites to execute in visitors' browsers. | Injection Attack |
| 06 | ransomware | Ransomware | Malware that encrypts files and demands ransom. Remains a top threat in 2025. | Malware Attack |
| 07 | zero-day-attack | Zero-Day Attack | An attack that exploits vulnerabilities for which no patch has been released (0-day). | Advanced Attack |
| 08 | supply-chain-attack | Supply Chain Attack | Indirect attacks that exploit the software supply chain (third-party products or services). | Advanced Attack |
| 09 | apt-attack | APT Attack | Advanced Persistent Threat that lurks in organizations for extended periods to steal confidential information. | Advanced Attack |
| 10 | mitm-attack | Man-in-the-Middle Attack (MitM) | An attack that intercepts between communication parties to eavesdrop on or tamper with content. | Communication Attack |