vulnerabilities“B”-grade security: three vulnerabilities in Sitecore CMS
Researchers have found several vulnerabilities in the Sitecore CMS platform that enable unauthenticated remote code execution (RCE).
Latest
stealersYour cat pics are at risk: the threat posed by the new SparkKitty Trojan
This marks the second time we’ve found a stealer Trojan in the App Store.
leaks16 billion passwords leaked: what should I do?
First, don’t panic. Second, change your passwords. What else? Read this blogpost to protect your accounts.
CVE-2025-6019: time to update Linux
Researchers have found a vulnerability that allows attackers to get root privileges on most Linux distributions.
Internet on the go with Kaspersky eSIM Store
We’ve launched the Kaspersky eSIM Store — an easy way to buy and activate eSIM cards, giving you instant cellular internet access in over 150 countries and regions worldwide.
How to choose open-source solutions for your organization
How to assess all the complexities of open-source application integration in advance, and choose the most efficient solutions.
CVE-2025-33053: a good reason to update Windows
Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system.
threatsHow hackers target Gen Z
Malicious actors are busy setting up fake Netflix websites, trying to trick visitors into paying for supposedly legitimate subscriptions, and promising in-game currency and skins for popular games. How else are they scamming Gen Zers, and what can we do to fight back?
SIEMThe hidden costs of free SIEM
While open-source projects let you build almost any infosec solution, it’s crucial to realistically assess your team’s resources and the time it would take to achieve your goals.
Gamers
gamersGamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
DollyWay World Domination: attack on WordPress websites
Since 2016, a threat actor has been exploiting insecure plugins and themes to infect WordPress websites and redirect traffic to malicious websites.
Lessons learned from the trojanized KeePass incident
A popular password manager was modified to allow attackers to steal passwords and encrypt users’ data. How to protect home computers and corporate systems from this threat?
Scammers exploiting Microsoft business notifications to launch attacks
This post examines a hybrid email-and-phone scam in which attackers send emails from a genuine Microsoft email address.
The ABCs of cyber-resilience
Businesses reaching the “acceptance stage”: given inevitable breaches — how to prepare for them?
Fake websites popping up in Google search ads
Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
TipsWhat kids are doing online
Ever wondered why kids these days spend so much time online? Most parents do. So we found out what they’re actually doing there (spoiler: nothing bad).
Digital detox: How to take a safe break from screens
Planning a safe digital detox: a checklist to help prepare for a vacation and unwind in peace.
Should you disable Microsoft Recall in 2025?
A year after its disastrous announcement, Microsoft is finally launching its AI-powered Recall feature on Copilot+ PCs. Is the new version secure, and what’s actually changed?
Migration to zero trust in practice – including the pitfalls
How organizations implement zero-trust principles, and what CISOs advise for project success.