Kaspersky official blog

Can you ditch passwords entirely for passkeys? We explore when it’s possible, and when it’s still a challenge.

Malicious actors are busy setting up fake Netflix websites, trying to trick visitors into paying for supposedly legitimate subscriptions, and promising in-game currency and skins for popular games. How else are they scamming Gen Zers, and what can we do to fight back?

Scammers are promising compensation from a bank to all comers — with no exceptions — and to boost their credibility they’ve even rolled out a deepfake newscast generated by AI.

A popular password manager was modified to allow attackers to steal passwords and encrypt users’ data. How to protect home computers and corporate systems from this threat?

This post examines a hybrid email-and-phone scam in which attackers send emails from a genuine Microsoft email address.

Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.

Scammers are exploiting Google services to send fake law enforcement inquiry notifications, making them look like they originate from accounts.google.com.

A year after its disastrous announcement, Microsoft is finally launching its AI-powered Recall feature on Copilot+ PCs. Is the new version secure, and what’s actually changed?

A popular blogger’s Instagram account was hijacked using a SIM-swap attack, and deepfakes were generated to scam followers.

Counterfeit smartphones imitating well-known brands and offered online come pre-installed with the powerful Triada Trojan.

We explain where and how to view porn without risking the security of your devices or your wallet.

Analyzing the popular CISO MindMap from an economic efficiency perspective.

Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?

Cybercriminals are inventing new ways to swipe money from payment cards by using credentials phished online or over the phone. Sometimes, just holding your card to your phone is enough to leave you penniless.

New malware targets magic enthusiasts — sending stolen data to an “astral cloud server”.

Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.

Takeaways for regular crypto holders from the biggest crypto heist in history.

We’ve added technology that checks QR codes in emails for phishing links.

We found several groups of sites mimicking official websites of the DeepSeek and Grok chatbots. Fake sites distribute malware under the guise of non-existent chatbot clients for Windows.

Online converters are a tempting but dangerous way to change file formats. We tell you how to convert files and not get trojanized.

Everything you wanted to know about meme cryptocurrencies — such as TRUMP and DOGE — and ways to win or lose big.