macOSInfostealer has entered the chat
A new wave of ClickFix attacks spreading a macOS infostealer are posting malicious user guides on the official ChatGPT website by piggybacking the chatbot’s chat-sharing feature.
Latest
vulnerabilitiesReact4Shell vulnerability: protecting web servers from CVE-2025-55182
Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?
AIHow to eavesdrop on a neural network
The Whisper Leak attack allows its perpetrator to guess the topic of your conversation with an AI assistant — without decrypting the traffic. We explore how this is possible, and what you can do to protect your AI chats.
Lock, stock, and two smoking barrels: the DeckMate 2 shuffler hack
How researchers hacked DeckMate 2 card shufflers, and how the mafia exploited those very vulnerabilities to cheat at poker.
embedded systemsSecuring embedded devices in 2025
Identifying threats to embedded devices, and how the updated Kaspersky Embedded Systems Security can help in tackling them?
CarsBotnets on wheels: the mass hacking of dashcams
Researchers have discovered how to connect to someone else’s dashcam in a matter of seconds, and weaponize it for future attacks.
Hardening Exchange servers
Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.
Hacking Black Friday: using LLMs to save on the “sale of the year”
We’re going bargain hunting in a new way: armed with AI. In this post: examples of effective prompts.
Browser extensions: never trust, always verify
Systematic measures and tools that organizations can use to defend against malicious browser extensions.
Gamers
Vulnerability in Unity game engine
Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.
Gamers under fire: malware on official websites
Official gaming websites and platforms may seem safe, but even there gamers occasionally encounter malware. We break down infection cases involving Endgame Gear, Steam, and Minecraft.
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
Business
Printers attacked by… fonts
We examine how popular Canon printers could become a foothold for attackers within an organization’s network.
FileFix: a new ClickFix variation
Malicious actors have started utilizing a new variation of the ClickFix technique — named “FileFix”. We explain how it works, and how to defend your company against it.
SD-WAN: new dimensions of efficiency
How organizations save employee time and boost productivity with the new version of Kaspersky SD-WAN.
MXDRWhat an MXDR solution for SMBs should be like
The differences between an MXDR service for a large enterprise, and one that would fit perfectly into the security framework of a growing SMB.
GhostCall and GhostHire: hunting for crypto assets
Two campaigns by the BlueNoroff APT group target developers and executives in the crypto industry.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
How to disappear from the internet
A step-by-step guide to deleting as much of your digital footprint as possible.
The pros and cons of AI-powered browsers
A race between tech giants is unfolding before our very eyes. Who’ll be the first to transform the browser into an AI assistant app? As you test these new products, be sure to consider their enormous impact on security and privacy.
Digital detox: How to take a safe break from screens
Planning a safe digital detox: a checklist to help prepare for a vacation and unwind in peace.
How to safely convert files
Online converters are a tempting but dangerous way to change file formats. We tell you how to convert files and not get trojanized.