AirTagHow to track anyone via the Find My network
Apple’s Find My network can be exploited to remotely track other vendors’ Android, Windows, and Linux devices.
All posts
3265 articles
SIEM
Internet of thingsThree ways to hack… a mattress!
A security researcher has investigated his own smart mattress cover, discovering several ways to hack it — including through a backdoor preinstalled by the developer.
vulnerabilitiesOperation ForumTroll: APT attack via zero-day vulnerability
Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.
Privacy under attack: nasty surprises in Chrome, Edge, and Firefox
How to counter new privacy invasions by browser developers
Fog ransomware publishes victim’s IP-addresses
Cybercriminals behind the Fog ransomware publish leaked data along with the IP addresses of attacked computers.
Arcane stealer instead of Minecraft cheats
If you’ve ever downloaded game cheats from a YouTuber’s “link in the description”, your computer might be infected with a stealer.
supply-chain attackAttack on DevOps: secrets leaked via malicious GitHub Action
How to respond to a compromised GitHub changed-files Action incident.
AndroidGoogle forcing Android System SafetyCore on users to scan for nudes
We dive into the mechanics of the controversial nude-scanning app that has mysteriously materialized on a billion phones.
Three VMware vulnerabilities: key risks and urgent patches
Reasons for updating your ESXi infrastructure ASAP, and enterprise threats that VM escape poses.
Six Microsoft vulnerabilities being actively exploited
Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.
Lessons from the Bybit hack: how to store crypto safely
Takeaways for regular crypto holders from the biggest crypto heist in history.
phishingChecking QR codes in emails
We’ve added technology that checks QR codes in emails for phishing links.
Trojans masquerading as DeepSeek and Grok clients
We found several groups of sites mimicking official websites of the DeepSeek and Grok chatbots. Fake sites distribute malware under the guise of non-existent chatbot clients for Windows.
Miner inconvenience: how cybercriminals blackmail YouTubers into promoting malware
Cybercriminals are blackmailing YouTube bloggers into posting malware links in their video descriptions.
What events help an MDR service detect attacks?
What information does an MDR service need to protect a company from complex targeted attacks?
How to safely convert files
Online converters are a tempting but dangerous way to change file formats. We tell you how to convert files and not get trojanized.
Attack on Google OAuth using abandoned domains
A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.
How smartphones build a dossier on you
We break down the most covert mechanism of smartphone surveillance using real-life examples.
How to safely scan large file storage for malware
A step-by-step guide to scanning disk arrays weighing tens of terabytes with the aid of Kaspersky products.
Malicious code on GitHub: How hackers target programmers
We discovered over 200 repositories with fake projects on GitHub. Using them, attackers distribute stealers, clippers, and backdoors.