vulnerabilitiesAttack on Microsoft SharePoint servers
Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.
Latest
signs of phishingNew phishing scam lures users with fake HR policy updates
A curious case of spear-phishing email techniques employed on a mass scale.
wi-fiIs your printer informing on you to the police?
Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.
Is your router secretly working for foreign intelligence?
Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.
All about CVSS: how vulnerability scoring evolved
We break down the Common Vulnerability Scoring System: what it’s for, how it’s used in practice, and why the Base Score is just the beginning — not the end — of vulnerability assessment.
BYODSchrödinger’s antivirus: is protection dead or alive?
How the research tool Defendnot disables Microsoft Defender by registering a fake antivirus, and why you shouldn’t always trust what your operating system says.
How to protect yourself from SMS blaster scams
Scammers have figured out how to send text messages that actually bypass cellular networks. How does illicit “SMS blasting” work, why does it matter for travelers, and how to stay safe.
How installing a fake extension from Open VSX led to cryptocurrency theft
This is a story of how a blockchain developer lost US$500 000 to a fake Solidity extension from the Open VSX marketplace.
Is a Gemini AI update about to kill privacy on your Android device?
Google has rolled out an update for Android that gives Gemini access to your Phone, Messages, WhatsApp, and Utilities data without your explicit consent. Here’s a detailed guide on how to disable these permissions.
Gamers
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
Top fraud schemes threatening e-commerce
How cybercriminals can exploit your online store — and how to stop them.
How not to go bankrupt from industrial digitalization
How integrated industrial cybersecurity solutions protect OT networks and reduce the cost of critical incidents.
threatsHow to survive digitalization
Drawing from INTERPOL’s just-released Africa Cyberthreat Assessment Report, we identify which threats most often target developing businesses – and how to stop them.
“B”-grade security: three vulnerabilities in Sitecore CMS
Researchers have found several vulnerabilities in the Sitecore CMS platform that enable unauthenticated remote code execution (RCE).
CVE-2025-6019: time to update Linux
Researchers have found a vulnerability that allows attackers to get root privileges on most Linux distributions.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
TipsHow to shrink your digital footprint
Adjust your daily routines to leave as little data about yourself online as possible.
Passkeys in 2025: tips for power users
This guide dives into using passkeys to sign in from someone else’s computer, storing them on a removable device, and transferring between devices.
Passkeys in 2025: your complete guide to passwordless sign-in
Can you ditch passwords entirely for passkeys? We explore when it’s possible, and when it’s still a challenge.