sextortionAI and the new reality of sextortion
Generative AI has taken sextortion techniques to a whole new level — now, any social media user can become a victim. How can you protect yourself and your loved ones?
Latest
Trust but verify: how we set the standard for transparency and trust
Who can you trust in the cybersecurity solutions market? Fourteen major vendors were compared in terms of transparency, security management, and data-handling practices – and guess which was a leader across the board?!…
NFCNFC skimming attacks
How criminals exploit the familiar “tap your phone to pay” feature to steal your money.
Stealthy malware masking its activity, deploying infostealer
Cybercriminals are distributing malware that deploys an infostealer and masks its activity in network and system logs.
tipsYour personal cybersecurity checklist for 2026
Eight digital New Year’s resolutions you absolutely need to keep.
Stealka stealer: the new face of game cheats, mods, and cracks
We’ve identified a new infostealer named Stealka, which masquerades as pirated software and game mods. It targets data stored inside browsers, locally installed applications, and crypto wallets.
APTForumTroll targets political scientists
GReAT experts have analyzed a new targeted campaign by the ForumTroll APT group.
Phishing in Telegram Mini Apps: what’s Habib’s papakha got to do with it?
We break down a new scam that leverages Telegram Mini Apps, and explain how to avoid taking the bait.
Forgotten IT infrastructure: even worse than shadow IT
How to eliminate the threat posed to organizations by ownerless servers and services, outdated libraries, and insecure APIs.
Gamers
gamersVulnerability in Unity game engine
Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.
Gamers under fire: malware on official websites
Official gaming websites and platforms may seem safe, but even there gamers occasionally encounter malware. We break down infection cases involving Endgame Gear, Steam, and Minecraft.
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
Business
Malware hiding in a 3D model
How automation turns legitimate tools into a channel for malware delivery.
vulnerabilitiesReact4Shell vulnerability: protecting web servers from CVE-2025-55182
Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?
Securing embedded devices in 2025
Identifying threats to embedded devices, and how the updated Kaspersky Embedded Systems Security can help in tackling them?
Hardening Exchange servers
Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.
Browser extensions: never trust, always verify
Systematic measures and tools that organizations can use to defend against malicious browser extensions.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
Infostealer has entered the chat
A new wave of ClickFix attacks spreading a macOS infostealer are posting malicious user guides on the official ChatGPT website by piggybacking the chatbot’s chat-sharing feature.
How to eavesdrop on a neural network
The Whisper Leak attack allows its perpetrator to guess the topic of your conversation with an AI assistant — without decrypting the traffic. We explore how this is possible, and what you can do to protect your AI chats.
Hacking Black Friday: using LLMs to save on the “sale of the year”
We’re going bargain hunting in a new way: armed with AI. In this post: examples of effective prompts.
Pixnapping vulnerability: unblockable screenshots of your Android phone
Pixnapping is an Android vulnerability discovered by researchers that allows apps to steal passwords, one-time codes, and other confidential information from the screen without any special permissions from the operating system. How does it work, and what can you do to protect yourself?