Wardriving assessment across Mexico: Preparing for the 2026 World Cup
Introduction
Mexico is one of the host countries for the 2026 FIFA World Cup, with matches to be played in three major cities: Mexico City,...
Containers on fire: from container escapes to supply chain attacks
Introduction
Modern infrastructures universally rely on containerization to deploy applications, scale services, and build cloud platforms. The use of Docker, Kubernetes, and similar technologies has...
What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and...
Introduction
Containerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use...
Cloud Atlas activity in the second half of 2025 and early 2026: new tools...
In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and...
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
Introduction
ExifTool is a widely adopted utility for reading and writing metadata in image, PDF, audio, and video files. It is available both as a...
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Non-mobile statistics
In the third quarter of 2025, we updated the methodology...
Kimsuky targets organizations with PebbleDash-based tools
Over the past few months, we have conducted an in-depth analysis of specific activity clusters of Kimsuky (aka APT43, Ruby Sleet, Black Banshee, Sparkling...
CVE-2025-68670: discovering an RCE vulnerability in xrdp
In addition to KasperskyOS-powered solutions, Kaspersky offers various utility software to streamline business operations. For instance, users of Kaspersky Thin Client, an operating system...
Exploits and vulnerabilities in Q1 2026
During Q1 2026, the exploit kits leveraged by threat actors to target user systems expanded once again, incorporating new exploits for the Microsoft Office...
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
In December 2025, we detected a wave of malicious emails designed to look like official correspondence from the Indian tax service. A few weeks...
Latest article
Operation Endgame 4.0 – 153,527 breached accounts
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems...
Accelerate security investigations with Kiro CLI
When a security event occurs in your Amazon Web Services (AWS) environment, rapid response is critical. However security teams often struggle with time-consuming, manual...
Close Encounters of the Human Kind
Welcome to this week’s Threat Source newsletter. I love a Spielberg summer. His ability to imbue a sense of wonder, awe, curiosity, and connection means he’s in a...
New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise
A novel BootROM vulnerability, dubbed usbliter8, affects Apple devices powered by A12, S4/S5, and A13 SoCs. The exploit chains a hardware-level bug in the...
