Malicious code
Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availablility of an IS.

Source:
CNSS Instruction No. 4009