LLM raiders and how to repel them
Attempts at hijacking AI resources are now taking place on an industrial scale. How is AI infrastructure being targeted, and what defensive measures should you implement?
We regularly create new SIEM rules, but behind the scenes lies a more fundamental process — the evolution of the correlation rules themselves.
A targeted supply chain attack via popular software for mounting disk images.
How and why droids from a galaxy far, far away switch their allegiances.
Building a functional app without programming skills is now a possibility, but maintaining it and ensuring cybersecurity remains a challenge. Here are several protective measures that even non-technical creators can implement.
Researchers have established that fiber-optic cables can be exploited for eavesdropping. We’re breaking down how feasible such an attack is in a real-world scenario.
We’re breaking down why developers have moved into the crosshairs, the specific tactics attackers are using, and how to reduce the risks of company infrastructure being compromised.
GDDRHammer, GeForge, and GPUBreach: three new research papers diving into attacks that exploit the Rowhammer technique.
How the AirSnitch vulnerability family threatens corporate networks, and what changes you need to make to your network architecture and settings to stay protected.
Protecting a security console is more critical than one might think. Here’s the lowdown on control-layer compromise, and how to keep it from happening.
How to manage vulnerabilities when developing or using open-source software.
How the AI boom and increasing reliance on open-source components are piling up corporate security debt — and what you can actually do about it.
In 2025, just as in the year prior, supply-chain attacks remained one of the most severe threats facing organizations. We’re breaking down last year’s most noteworthy incidents.
How open-source security solutions became the starting point for a massive attack on other popular applications, and what organizations that use them should do.
Cybercriminals are now deploying web applications generated by Bubble, an AI-powered app builder, to hunt for corporate credentials.
In November 2025, the npm ecosystem was hit by a flood of junk packages that were part of the IndonesianFoods malicious campaign. We’re breaking down the lessons learned from this incident.
Threat actors are promoting pages containing malicious instructions for installing AI agents intended for workflow automation.
Educational institutions are increasingly falling victim to ransomware attacks. We look at some real-world incidents, explain their causes, and discuss how to mitigate risks to academic infrastructure.
The latest update to Kaspersky Cloud Workload Security adds support for an AI assistant for image analysis.
An in-depth analysis of CVE-2026-3102, a vulnerability posing a potential threat to anyone processing images on a Mac.
What is the purpose of a local version of the Kaspersky Threat Attribution Engine, and how do you hook it up to IDA Pro?