On Saturday/Sunday, the New York Times ran an ad that contained malware. In fact, the New York Times manned up to it in an article named Times Web Ads Show Security Breach. In short, a rogue advertiser posed as Vonage and displayed ads that appeared to be from Vonage. But what really was in those ads were lines of malicious code that filled user's screens "with an image that seemed to show a scan for computer viruses. The visitors were then told that they needed to buy antivirus software to fix a problem, but the software was more snake oil than a useful program," said the New York Times.
So how is Google to blame here? Well, according to at least one Google user in a Google News Help thread, Google led this person from Google News to the New York Times, which contained the malware.
The searcher felt it was Google's responsibility to not lead their searchers to sites that contain malware, even the New York Times. The searcher said:
Can Google please remove links to the NYTimes until they get this fixed. I got hit with this when accessing an NYTimes article via Google News and I don't appear to be the only one.
Google does malware checking and blocking, but sometimes it takes time for Google to pick up on things like this. For sites like the New York Times, users can be infected way sooner than Google detects the malware.