Abstract This article argues that some core tenets of Actor-Network Theory (ANT) can serve as heuristics for a better understanding of what the stakes of cyber-security are, how it operates, and how it fails. Despite the centrality of cyber-incidents in the cyber-security discourse, researchers have yet to understand their link to, and affects on politics. We close this gap by combining ANT insights with an empirical examination of a prominent cyber-incident (Stuxnet). We demonstrate that the disruptive practices of cyber-security caused by malicious software (malware), lie in their ability to actively perform three kinds of space (regions, networks, and fluids), each activating different types of political interventions. The article posits that the fluidity of malware challenges the consistency of networks and the sovereign boundaries set by regions, and paradoxically, leads to a forceful re-enactment of them. In this respect, the conceptualisation of fluidity as an overarching threat accounts for multiple policy responses and practices in cyber-security as well as attempts to (re-)establish territoriality and borders in the virtual realm. While this article concentrates on cyber-security, its underlying ambition is to indicate concretely how scholars can profitably engage ANT’s concepts and methodologies.