Kaspersky official blog

How VoidStealer bypasses Chrome's protections to hijack sessions and steal data

New VoidStealer Trojan bypasses Chrome’s stored data protection

The new VoidStealer Trojan utilizes a novel method to bypass Chrome’s App-Bound Encryption, allowing it to hijack sessions and steal user data.

Latest

Supply chain attack via DAEMON Tools

A targeted supply chain attack via popular software for mounting disk images.

The motivation of droids from the “Star Wars” universe

What’s wrong with “Star Wars” droids’ motivation?

How and why droids from a galaxy far, far away switch their allegiances.

Is your car spying on you?

How law enforcement and intelligence agencies leverage data from connected vehicles, and what your car might be leaking about you.

A practical guide to secure vibe-coding for small businesses

How to mitigate vibe-coding risks

Building a functional app without programming skills is now a possibility, but maintaining it and ensuring cybersecurity remains a challenge. Here are several protective measures that even non-technical creators can implement.

Phishing crypto-wallet clones in the App Store and other attacks on iOS and macOS crypto owners

Crypto thieves ramping up attacks on Apple users

We’ve discovered over two dozen phishing apps mimicking popular crypto wallets right in the official App Store. Here’s a breakdown of the new waves of attacks targeting iPhone and Mac users and their crypto holdings.

Eavesdropping via fiber-optic cables – theory and reality

Researchers have established that fiber-optic cables can be exploited for eavesdropping. We’re breaking down how feasible such an attack is in a real-world scenario.

Tax filings free from phishing, scams, or malware

As tax-return season rolls around, cybercriminals worldwide are shifting into high gear. They peddle fraudulent services, spoof official tax agency websites, and drain the bank accounts of unsuspecting taxpayers. Here’s how to spot phishing attempts and scams, along with tips for handling your tax documents securely

Targeting developers: real-world cases, tactics, and defense strategies

How and why cybercriminals are targeting software developers

We’re breaking down why developers have moved into the crosshairs, the specific tactics attackers are using, and how to reduce the risks of company infrastructure being compromised.

Gamers

The CVE-2025-59489 vulnerability in Unity, and how to fix it in games

Vulnerability in Unity game engine

Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.

Viruses on official Steam, Minecraft, and Endgame Gear sites

Gamers under fire: malware on official websites

Official gaming websites and platforms may seem safe, but even there gamers occasionally encounter malware. We break down infection cases involving Endgame Gear, Steam, and Minecraft.

Trojanized game PirateFi discovered on Steam

Gamers beware: Trojans have invaded Steam

If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.

How cybercriminals attack young gamers: the most common and dangerous scams

How scammers attack young gamers

Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.

Hackers disrupt Apex Legends esports tournament

Live hack: Apex Legends esports tournament scandal

Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.