Kaspersky official blog

How automation turns legitimate tools into a channel for malware delivery.

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?

Researchers have discovered how to connect to someone else’s dashcam in a matter of seconds, and weaponize it for future attacks.

Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.

How attackers use AI-generated fake websites to distribute trojanized builds of the legitimate Syncro remote access tool (RAT).

How organizations save employee time and boost productivity with the new version of Kaspersky SD-WAN.

Two separate research papers vividly demonstrate how virtual systems can be compromised in a hostile environment — specifically, when the data owner can’t even trust the cloud provider.

How AI-generated code is changing cybersecurity — and what developers and “vibe coders” should expect.

Our experts trained an ML model to detect attempts to use DLL hijacking, and integrated it into the Kaspersky SIEM system.

Which path of cybersecurity team evolution best suits your company’s strategy?

Using our Kaspersky Next product line as an example, we explain the practical differences between XDR Optimum and EDR Optimum.

A fresh research paper shows how complex vulnerabilities in CPUs can be leveraged in the most pertinent attacks on cloud-based systems.

A race between tech giants is unfolding before our very eyes. Who’ll be the first to transform the browser into an AI assistant app? As you test these new products, be sure to consider their enormous impact on security and privacy.

Most employees are already using personal LLM subscriptions for work tasks. How do you balance staying competitive with preventing data leaks?

A popular developer tool has been trojanized and is uploading secrets to public GitHub repositories. We discuss what’s important to know for both developers and cybersecurity services.

Google experts have demonstrated how complex hardware vulnerabilities in CPUs can be effectively exploited.

We dive into which corporate systems support passkeys, where compatibility falls short, and why we probably won’t be saying goodbye to passwords anytime soon.

Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?

Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.

Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.

Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.