phishingBrowser-in-the-browser attacks: from theory to reality
A browser-in-the-browser attack, theoretically described in 2022, has been adopted in real-world phishing. We break down how it works, and how to spot a fake authentication window.
Latest
containersAnother look inside the container
The latest update to Kaspersky Cloud Workload Security adds support for an AI assistant for image analysis.
macOSThe ExifTool vulnerability: how an image can infect macOS systems
An in-depth analysis of CVE-2026-3102, a vulnerability posing a potential threat to anyone processing images on a Mac.
Cloudless malware attribution
What is the purpose of a local version of the Kaspersky Threat Attribution Engine, and how to hook it up to IDA Pro?
social engineering
OpenClaw threats: assessing the risks, and how to handle shadow AI
What corporate security teams should do about the “viral” AI agent.
datingLove, AI & robots
Why do we have a love-hate relationship with dating apps, and what are they doing to our brains? Can an emoji start a war? Is marrying an AI actually a thing? We’re exploring how modern tech is redefining love and our very ideas of it.
The Winter Games in Italy: how to avoid the scams
We’re breaking down how to protect yourself from fake streams, counterfeit tickets, and non-existent merch — and how to keep your personal and financial data from being snatched during the 2026 Winter Olympic Games.
Gamers
Vulnerability in Unity game engine
Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.
Gamers under fire: malware on official websites
Official gaming websites and platforms may seem safe, but even there gamers occasionally encounter malware. We break down infection cases involving Endgame Gear, Steam, and Minecraft.
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
Business
Risks, vulnerabilities, and zero trust: key terms the CISO and the board must agree on
Breaking down core cybersecurity terms that colleagues often interpret differently or incorrectly.
How to detect FortiCloud SSO authentication bypass
Kaspersky SIEM got a set of correlation rules for detecting attempts to exploit vulnerabilities for authentication bypass in Fortinet products.
The practical value of cyberthreat attribution
Why is it useful to attribute malware to a specific hacker group?
Detecting account compromise with SIEM
Detecting attacks related to compromised accounts with AI and other updates in Kaspersky SIEM.
AI agents in your organization: managing the risks
The top-10 risks of deploying autonomous AI agents, and our mitigation recommendations.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
How to recognize a deepfake: attack of the clones
Learn how to spot deepfakes in photos, videos, voice messages, and video calls in real time.
Epochalypse Now — or how to deal with Y2K38
What is the year 2038 problem — also known as “Unix Y2K” — and how to prepare corporate IT systems for it?
Your personal cybersecurity checklist for 2026
Eight digital New Year’s resolutions you absolutely need to keep.
Phishing in Telegram Mini Apps: what’s Habib’s papakha got to do with it?
We break down a new scam that leverages Telegram Mini Apps, and explain how to avoid taking the bait.