supply chain

In 2025, just as in the year prior, supply-chain attacks remained one of the most severe threats facing organizations. We’re breaking down last year’s most noteworthy incidents.

How open-source security solutions became the starting point for a massive attack on other popular applications, and what organizations that use them should do.

In November 2025, the npm ecosystem was hit by a flood of junk packages that were part of the IndonesianFoods malicious campaign. We’re breaking down the lessons learned from this incident.

A new large-scale attack on a popular JavaScript code registry has hit around 150 packages. The automatic propagation of the threat makes it especially dangerous — developers need to react ASAP.

A popular developer tool has been trojanized and is uploading secrets to public GitHub repositories. We discuss what’s important to know for both developers and cybersecurity services.

How to respond to a compromised GitHub changed-files Action incident.

Takeaways for regular crypto holders from the biggest crypto heist in history.

We look at the most notable supply-chain attacks of 2024.

Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk?

Malicious packages for AI integration containing infostealer malware were found in the Python Package Index repository.

Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.

Even if you don’t know it, you probably have devices running Linux at home — and they need protection too! Here are three Linux threats that even IT professionals often forget about.

Cybercriminals are attacking 3CX VoIP telephony software users via trojanized applications.

New malicious campaign hunts for Discord tokens and credit card information via infected npm packages.

Five arguments in favor of installing security solutions on the endpoints of a small company.

Hackers from Lapsus$ group claim they breached Okta, a major provider of access management systems.

Researchers from Cambridge describe the Trojan Source method for inserting hidden implants in source code.

Npm package UAParser.js, installed on tens of millions of computers worldwide, has been infected with a password stealer and a miner. Here’s what to do.

Blocking a threat isn’t enough; you have to understand and reconstruct the whole infection chain.

Unknown attackers tried to add a backdoor to PHP scripting language source code.

Kaspersky was honored to take part in the 15th annual Internet Governance Forum.