What type of malware takes advantage of undisclosed vulnerabilities?

The type of malware that takes advantage of undisclosed vulnerabilities is a zero-day attack. Zero-day attacks exploit software vulnerabilities that are not yet known to the software vendor or the public, meaning that there is no available patch or fix at the time of the attack. This makes zero-day vulnerabilities particularly dangerous, as they can be used by attackers to infiltrate systems stealthily and carry out malicious activities before the vulnerability is discovered and mitigated.

Unlike other types of malware, such as spyware or ransomware, which may exploit known vulnerabilities or use social engineering tactics to gain access, zero-day attacks leverage these previously undisclosed security holes. This quality makes them especially valuable in the arsenal of cybercriminals.

In contrast, spyware is typically used to collect information from users without their knowledge, Trojans disguise themselves as legitimate software to trick users into installing them, and ransomware encrypts a victim's files to demand payment for their release, often relying on previously known vulnerabilities to perform the attack. Each of these types of malware operates differently and under different circumstances compared to the unique and particularly insidious nature of zero-day attacks.