supply chain

Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk?

Malicious packages for AI integration containing infostealer malware were found in the Python Package Index repository.

Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.

Even if you don’t know it, you probably have devices running Linux at home — and they need protection too! Here are three Linux threats that even IT professionals often forget about.

Cybercriminals are attacking 3CX VoIP telephony software users via trojanized applications.

New malicious campaign hunts for Discord tokens and credit card information via infected npm packages.

Five arguments in favor of installing security solutions on the endpoints of a small company.

Hackers from Lapsus$ group claim they breached Okta, a major provider of access management systems.

Researchers from Cambridge describe the Trojan Source method for inserting hidden implants in source code.

Npm package UAParser.js, installed on tens of millions of computers worldwide, has been infected with a password stealer and a miner. Here’s what to do.

Blocking a threat isn’t enough; you have to understand and reconstruct the whole infection chain.

Unknown attackers tried to add a backdoor to PHP scripting language source code.

Kaspersky was honored to take part in the 15th annual Internet Governance Forum.

Charles Perrault explains how hired hackers use social engineering and watering hole attacks for political purposes.

Small businesses may not be the main target of cybercriminals, but it does not mean an SMB will not fall victim to a supply-chain attack. How not to become collateral damage.

It appears the ASUS incident was just one part of the large-scale operation.

Do you use plugins on your website? Make sure they are updated regularly.

In this episode of the Kaspersky Lab podcast, Dave and Jeff take a look at a bad week for Facebook, a backdoor into ASUS, downed flights in the US, and more.

Our technologies detected a threat that seems to be one of the biggest supply-chain attacks ever.

Analysis of Sauron’s hacking tools implemented in the devices known as Rings of Power.

A supply-chain attack against Copay cryptowallets through an open-source library enables bitcoin theft.