password managerLessons learned from the trojanized KeePass incident
A popular password manager was modified to allow attackers to steal passwords and encrypt users’ data. How to protect home computers and corporate systems from this threat?
Latest
USBData theft during smartphone charging
Can your photos be viewed, stolen, or deleted when your smartphone is plugged into a public charging station? As it turns out — yes!
phishingScammers exploiting Microsoft business notifications to launch attacks
This post examines a hybrid email-and-phone scam in which attackers send emails from a genuine Microsoft email address.
smart homeNot-so-smart home
Our experts at GReAT have uncovered a dangerous vulnerability in a smart-home control app that allowed attackers to disable physical security systems.
tipsDigital detox: How to take a safe break from screens
Planning a safe digital detox: a checklist to help prepare for a vacation and unwind in peace.
The ABCs of cyber-resilience
Businesses reaching the “acceptance stage”: given inevitable breaches — how to prepare for them?
Fake websites popping up in Google search ads
Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.
AirBorne: Attacks on Apple devices through vulnerabilities in AirPlay
Newly discovered vulnerabilities in AirPlay allow attacks on Apple devices and other AirPlay-enabled products over Wi-Fi – including zero-click exploits.
How Interlock attacks IT specialists with fake CAPTCHAs and ClickFix
We explore how cybercriminals are targeting IT specialists searching for a popular network scanner, using the Interlock ransomware attack as an example.
Gamers
gamersGamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
Migration to zero trust in practice – including the pitfalls
How organizations implement zero-trust principles, and what CISOs advise for project success.
Five new reasons not to pay ransoms
How the situation with ransomware attacks on companies has changed, and why paying a ransom has become an even worse and more useless idea in 2025.
ClickFix technique: what it is and why it’s dangerous
An infection tactic called ClickFix is becoming increasingly popular among cybercriminals. We explain how such attacks work and how to protect your company against it.
How AI creates “slopsquatting” supply-chain risks
Popular AI code assistants try to call non-existent libraries. But what happens if attackers actually create them?
Critical vulnerability in PyTorch framework
Researchers have found a way to exploit a security mechanism in a popular machine-learning framework.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
Should you disable Microsoft Recall in 2025?
A year after its disastrous announcement, Microsoft is finally launching its AI-powered Recall feature on Copilot+ PCs. Is the new version secure, and what’s actually changed?
Turning purple: how visited links threaten your privacy
Why highlighted links to visited sites can be dangerous, and why a solution was over 20 years in the making.
Messengers 101: safety and privacy advice
A dozen short and simple tips on how to use WhatsApp, Telegram, Signal, iMessage, WeChat, and other messaging apps safely and hassle-free.
Security measures for handling archive files in organizations
Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?