Business

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?

Identifying threats to embedded devices, and how the updated Kaspersky Embedded Systems Security can help in tackling them?

Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.

Systematic measures and tools that organizations can use to defend against malicious browser extensions.

We examine how popular Canon printers could become a foothold for attackers within an organization’s network.

Malicious actors have started utilizing a new variation of the ClickFix technique — named “FileFix”. We explain how it works, and how to defend your company against it.

The differences between an MXDR service for a large enterprise, and one that would fit perfectly into the security framework of a growing SMB.

Two campaigns by the BlueNoroff APT group target developers and executives in the crypto industry.

The optical sensors in computer mice can be used for eavesdropping. We break down why this is fascinating — but still a long way from real-world practicality.

Attackers are abusing legitimate websites to host hidden SEO links. We break down their tactics, and what you can do about it.

Two separate research papers vividly demonstrate how virtual systems can be compromised in a hostile environment — specifically, when the data owner can’t even trust the cloud provider.

How AI-generated code is changing cybersecurity — and what developers and “vibe coders” should expect.

Attackers pretending to be airlines or airports are sending out fake partnership offers.

Our experts trained an ML model to detect attempts to use DLL hijacking, and integrated it into the Kaspersky SIEM system.

Phoenix, a new variant of the Rowhammer attack, makes it possible to attack DDR5 memory modules.

Using our Kaspersky Next product line as an example, we explain the practical differences between XDR Optimum and EDR Optimum.

Which path of cybersecurity team evolution best suits your company’s strategy?

A fresh research paper shows how complex vulnerabilities in CPUs can be leveraged in the most pertinent attacks on cloud-based systems.

A close look at attacks on LLMs: from ChatGPT and Claude to Copilot and other AI-assistants that power popular apps.

A new large-scale attack on a popular JavaScript code registry has hit around 150 packages. The automatic propagation of the threat makes it especially dangerous — developers need to react ASAP.

Unknown attackers have compromised several popular npm packages in a supply-chain attack.