Cloud Atlas activity in the second half of 2025 and early 2026: new tools...
In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and...
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
Introduction
ExifTool is a widely adopted utility for reading and writing metadata in image, PDF, audio, and video files. It is available both as a...
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Non-mobile statistics
In the third quarter of 2025, we updated the methodology...
Kimsuky targets organizations with PebbleDash-based tools
Over the past few months, we have conducted an in-depth analysis of specific activity clusters of Kimsuky (aka APT43, Ruby Sleet, Black Banshee, Sparkling...
CVE-2025-68670: discovering an RCE vulnerability in xrdp
In addition to KasperskyOS-powered solutions, Kaspersky offers various utility software to streamline business operations. For instance, users of Kaspersky Thin Client, an operating system...
Exploits and vulnerabilities in Q1 2026
During Q1 2026, the exploit kits leveraged by threat actors to target user systems expanded once again, incorporating new exploits for the Microsoft Office...
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
In December 2025, we detected a wave of malicious emails designed to look like official correspondence from the Indian tax service. A few weeks...
PhantomRPC: A new privilege escalation technique in Windows RPC
Intro
Windows Interprocess Communication (IPC) is one of the most complex technologies within the Windows operating system. At the core of this ecosystem is the...
FakeWallet crypto stealer spreading through iOS apps in the App Store
In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets. Once launched, these apps...
Threat landscape for industrial automation systems in Q4 2025
Statistics across all threats
The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4...
















