vulnerabilityCritical vulnerability in PyTorch framework
Researchers have found a way to exploit a security mechanism in a popular machine-learning framework.
Latest
strategy
messengersMessengers 101: safety and privacy advice
A dozen short and simple tips on how to use WhatsApp, Telegram, Signal, iMessage, WeChat, and other messaging apps safely and hassle-free.
archiversSecurity measures for handling archive files in organizations
Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?
Scammers exploiting GetShared for phishing attacks
Scammers are exploiting GetShared to bypass email security.
What happens if you download a cracked program?
Spoiler: nothing good. Along with pirated software, you’ll probably pick up a miner, stealer, or backdoor.
NFC carders hide behind Apple Pay and Google Wallet
Cybercriminals are inventing new ways to swipe money from payment cards by using credentials phished online or over the phone. Sometimes, just holding your card to your phone is enough to leave you penniless.
When files are not what they seem
Attackers use the polyglot technique to disguise malware. We explain what it is and how to protect your company against attacks.
Tarot and cyberthreats: a new Trojan for fans of the supernatural
New malware targets magic enthusiasts — sending stolen data to an “astral cloud server”.
Gamers
gamersGamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
A ransomware attack through an IP camera
Fending off ransomware attacks that exploit corporate IoT devices.
SIEM
Operation ForumTroll: APT attack via zero-day vulnerability
Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.
Fog ransomware publishes victim’s IP-addresses
Cybercriminals behind the Fog ransomware publish leaked data along with the IP addresses of attacked computers.
Attack on DevOps: secrets leaked via malicious GitHub Action
How to respond to a compromised GitHub changed-files Action incident.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Business
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
Case study: fake hardware cryptowallet
Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
Update iOS, there is a dangerous vulnerability in WebKit
Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
AndroidInfected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Tips
How to safely convert files
Online converters are a tempting but dangerous way to change file formats. We tell you how to convert files and not get trojanized.
Kaspersky spots Maha Kumbh-related scams
Experts at Kaspersky have uncovered fake online stores scamming Maha Kumbh Mela 2025 devotees with fraudulent holy merchandise. Here’s how you can stay safe and protect yourself from online scams.
New Year’s resolutions for a cybersecure 2025
Mistakes to learn from in 2024 – and resolutions for a safer 2025.
How safe is encrypted file storage?
Threats to data stored in Sync, pCloud, and other encrypted alternatives to Dropbox.